Ref e r ence 


WORLD INTELLECTUAL PROPERTY ORGANIZATION 
International Bureau 



PCT 

INTERNATIONAL APPLICATION PUBLISHED UNDER THE PATENT COOPERATION TREATY (PCT) 


(51) International Patent Classification 6 : 
H04L 9/08, H04Q 7/38 


Al 


(11) International Publication Number: WO 97/45981 

(43) International Publication Date: 4 December 1997 (04.12.97) 


(21) International Application Number: PCT/GB97/01407 

(22) International Filing Date: 23 May 1997 (23.05.97) 


(30) Priority Data: 

9611411.1 


31 May 1996 (31.05.96) 


GB 


(71) Applicant (for all designated States except US): ICO SER- 

VICES LTD. [GB/GB]; 1 Queen Caroline Street, London 
W6 9BN (GB). 

(72) Inventor; and 

(75) Inventor/Applicant (for US only): JOHNSTON, Thomas, 
Francis [CA/GB]; 22 A Cleveland Square, London W2 6DG 

(GB). 

(74) Agents: READ, Matthew, Charles et al.; Venner, Shipley & 
Co., 20 Little Britain, London EC1A 7DH (GB). 


(81) Designated States: AL, AM, AT, AU, AZ, BB, BG, BR, BY, 
CA, CH, CN, CZ t DE, DK, EE, ES, Fl, GB, GE HU 
IS, JP, KE, KG, KP, KR, KZ, LK, LR, LS, LT, LU, LV, 
MD, MG f MK, MN, MW, MX, NO, NZ, PL, PT, RO, RU, 
SD, SE t SG, SI, SK, TJ, TR, TT, UA, UG, US, UZ, VN, 
ARIPO patent (GH, KE, LS, MW, SD, SZ, UG), Eurasian 
patent (AM, AZ, BY, KG, KZ, MD, RU, TJ, TM), European 
patent (AT, BE, CH, DE, DK, ES, Fl, FR. GB, GR, IE, IT, 
LU, MC, NL, PT, SE), OAPl patent (BF, BJ, CF, CG, CI. 
CM, GA, GN, ML, MR, NE, SN, TD, TG). 


Published 

With international search report. 

Before the expiration of the time limit for amending the 
claims and to be republished in the event of the receipt of 
amendments. 


(54) Title: SECURE COMMUNICATION 



(57) Abstract 

A method of distributing through a communications network enciphering keys for a secure communications session via said network 
between first and second terminals (2a, 2b) corresponding first and second terminal keys (K. ( Kb) comprising: storing said first and second 
terminal keys (K a , Kb) remotely to said terminals (2a, 2b); providing a number (RAND); generating first and second corresponding partial 
keys (K pa , K P b) each comprising a corresponding function of said number (RAND) and a corresponding one of said terminal keys (K a , Kb); 
and dispatching the first partial key (K pa ) towards the second terminal (2b), and vice versa. 


FOR THE PURPOSES OF INFORMATION ONLY 
Codes used to identify States party to the PCT on the front pages of pamphlets publishing international applications under the PCT. 


AL 

Albania 

ES 

Spain 

LS 

Lesotho 

SI 

Slovenia 

AM 

Armenia 

FI 

Finland 

LT 

Lithuania 

SK 

Slovakia 

AT 

Austria 

FR 

France 

LU 

Luxembourg 

SN 

Senegal 

AU 

Australia 

GA 

Gabon 

LV 

Latvia 

sz 

Swaziland 

AZ 

Azerbaijan 

GB 

United Kingdom 

MC 

Monaco 

TD 

Chad 

BA 
BB 

Bosnia and Herzegovina 
Barbados 

GE 
Gil 

Georgia 
Ghana 

MD 
MG 

Republic of Moldova 
Madagascar 

TG 
TJ 

Togo 
Tajiktstan 

BE 

Belgium 

GN 

Guinea 

MK 

The former Yugoslav 

TM 

Turkmenistan 

BF 

Burkina Faso 

GR 

Greece 


Republic of Macedonia 

TR 

Turkey 

BG 

Bulgaria 

HU 

Hungary 

ML 

Mali 

TT 

Trinidad and Tobago 

BJ 

Benin 

IE 

Ireland 

MN 

Mongolia 

UA 

Ukraine 

BR 

Brazil 

IL 

Israel 

MR 

Mauritania 

UG 

Uganda 

BY 

Belarus 

IS 

Iceland 

MW 

Malawi 

US 

United States of America 

CA 

Canada 

IT 

Italy 

MX 

Mexico 

uz 

Uzbekistan 

CF 

Central African Republic 

JP 

Japan 

NE 

Niger 

VN 

Viet Nam 

CG 

Congo 

KE 

Kenya 

NL 

Netherlands 

YU 

Yugoslavia 

CH 

Switzerland 

KG 

Kyrgyzstan 

NO 

Norway 

ZW 

Zimbabwe 

CI 

C6te d'lvoire 

KP 

Democratic People's 

NZ 

New Zealand 



CM 

Cameroon 


Republic of Korea 

PL 

Poland 



CN 

China 

KR 

Republic of Korea 

FT 

Portugal 



cu 

Cuba 

KZ 

Kazakstan 

RO 

Romania 



cz 

Czech Republic 

LC 

Saint Lucia 

RU 

Russian Federation 



DE 

Germany 

U 

Liechtenstein 

SD 

Sudan 



DK 

Denmark 

LK 

Sri Lanka 

SE 

Sweden 



EE 

Estonia 

LR 

Liberia 

SG 

Singapore 




i 


WO 97/45981 


1 

SECURE COMMUNICATION 


PCT/GB97/01407 


This invention relates to a method and apparatus 
for secure communications. 

Digital mobile voice communications systems are 
5 known. One example is the GSM terrestrial cellular 

system; others are the Inmarsat-M satellite telephone 
system, the IRIDIUM (TM) satellite cellular system 
(described in, for example, EP-A-0365885 ) , the ICO 
(TM) satellite cellular system (described in, for 
0 example, GB-A-2295296 } or the ODYSSEY (TM) satellite 

cellular system (described in, for example, EP-A- 
0510789) . 

Since such systems operate over a wireless link, 
there is - a risk of interception of calls by 
5 unauthorised persons . 

The GSM system includes an optional encryption 
scheme described in, for example, "Security aspects 
and the implementation in the GSM -system" ; Peter C.J. 
van der Arend, paper 4a, Conference Proceedings of the 
Digital Cellular Radio Conference (DCRC) , October 
12th-14th 1988, published by Deutsche Bundespost, 
France Telecom and Fernuniversitate . Greater detail 
is given in the following GSM recommendations: 

GSM 02.09 "Security Aspects"; GSM 03.20 "Security 
Related Network Functions"; GSM 03.21 "Security 
Related Algorithms". 

In this scheme, a database known as the 
Authentication Centre (AuC) holds an individual 
encryption key number (KJ for each subscriber to the 
authentication service, which is also stored on a chip 
known as the Subscriber Information Module (SIM) held 
in the subscriber's mobile terminal. The subscriber 
has no access to the data stored in the SIM and cannot 
read the key. 
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Where a secure session is requested, a random 
number (RAND) is generated by the Authentication 
Centre and used, together with the customer's key (Ki) , 
to calculate a ciphering key <K C ) used during the 
5 session for ciphering and deciphering messages to/from 

the subscriber. 

The random number is sent to the subscriber's 
mobile terminal via the Base Transceiver Station 
(BTS) . The mobile terminal passes the random number 
10 to the SIM, which calculates the ciphering key K c using 

an algorithm termed A5 . 

Thus, the random number is sent over the air, but 
not the customer's key K ± or the ciphering key K c . 

The random number and the ciphering key K c are 
15 sent to the Home Location Register (HLR) database 

storing details for the subscriber concerned and are 
also sent to the Visiting Location Register (VLR) for 
. the area where the use is currently located, and are 
supplied to the BTS via which the mobile is 
20 communicating. 

The ciphering key K c is used, together with the 
current TDMA frame number, to implement the A5 
ciphering algorithm in the mobile terminal and the 
Base Transceiver Station. Thus, the individual user 

2 5 key Ki is stored only at the authentication centre and 

the SIM, where the ciphering key K c is calculated and 
forwarded to the BTS and the mobile terminal - 

Whilst this scheme is adequate in many respects, 
it fails to provide complete security since it offers 
30 protection only over the air transmission path. Thus, 

it is possible for illicit access to be obtained by 
tampering with the fixed part of the network. 

Accordingly, the present invention provides a 
mobile communications system utilising end-to-end 

3 5 encryption. Because the encryption runs from one user 
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terminal to the other, across the whole communi cat ions 
path and not just the air path, improved privacy is 
obtained. 

The basic problem in offering end-to-end 
5 encipherment of communications over a network is in 

providing each of the two users with the same, or each 
other ' s , secret key . 

In some applications, a group of terminals (for 
example all owned by a single body) may all have 

10 access to the same key. Whilst this provides privacy 

against personnel from outside the group, it is an 
incomplete solution since it does not provide privacy 
for communication between two terminals within the 
group and a third within the group. 

15 It is possible to employ public key encryption 

systems, in which each terminal has a secret 
decryption key and a non- secret encryption key, so 
that any other party can use the encryption key to 
encrypt data but only the recipient can decrypt data 

20 which has been encrypted using the public encryption 

key. 

A communication system could be envisaged in 
which every user is provided with such a pair of keys, 
and in setting up a communication between a pair of 
25 users each sends the other its encryption key whilst 

keeping its decryption key secret. 

However, there is widespread public concern that 
the use of such techniques on a telecommunications 
network would allow criminals or terrorists to 
3 0 communicate using completely secure communications, 

free from any possibility of supervision. 

Accordingly, aspects of the present invention may 
provide of a "trusted third party" database holding 
copies of the keys, and distributing to each terminal 
35 key data relevant to the key of the other terminal. 
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Preferably, the key data sent to each terminal is 
masked, to prevent its interception by an eavesdropper 
and very preferably, even the receiving terminal is 
unable to extract or recover the key of the terminal. 
5 Instead, in a preferred embodiment, each terminal 

constructs a key dependent jointly upon its own key 
and the key data received in relation to the other 
terminal . 

In a preferred embodiment, the masking takes the 
10 form of processing each terminal key together with a 

number (the number being the same for each terminal 
key) using a function so that, although neither 
terminal can extract the other terminal's key, each 
can construct the same combination of the two keys and 
15 the number as an enciphering key. 

The invention is envisaged for use in satellite 
mobile digital communications systems, and is also 
useful in corresponding terrestrial digital mobile 
communication systems (e.g. in cellular systems such 
20 as the GSM system), or in fixed link communication 

systems. The invention may also be practised in 
store -and- forward communication systems such as e-mail 
or the Internet. 

Aspects of the invention and preferred 
25 embodiments thereof are described in the claims and 

the following description. 
BRIEF DESCRIPTION OF THE DRAWINGS 

Embodiments of the invention will now be 
described, by way of example only, with reference to 
30 the accompanying drawings, in which: 

Figure 1 is a block diagram showing schematically 
the elements of a communications system embodying the 
present invent ion ; 

Figure 2 is a block diagram showing schematically 
35 the elements of mobile terminal equipment suitable for 
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use with the present invention; 

Figure 3 is a block diagram showing schematically 
the elements of an Earth station node forming part of 
the embodiment of Figure 1; 
5 Figure 4 is a block diagram showing schematically 

the elements of a gateway station forming part of the 
embodiment of Figure 1; 

Figure 5 is a block diagram showing schematically 
the elements of a database station forming part of the 
10 embodiment of Figure 1; 

Figure 6 illustrates the contents of a store 
forming part of the database station of Figure 5; 

Figure 7a illustrates schematically the beams 
produced by a satellite in the embodiment of Figure 1; 
15 Figure 7b illustrates schematically the 

disposition of satellites forming part of Figure 1 in 
orbits around the earth; 

Figure 8 is a block diagram showing the signal 
flow between components of the handset of Figure 2 in 
20 a first embodiment of the invention; 

Figure 9 is a schematic block diagram showing the 
flow of encryption data and signals between the 
components of Figure 1 in the first embodiment; 

Figure 10a is a flow diagram showing 
25 schematically the process performed by the control and 

enciphering components of the handset of Figure 8 in 
the first embodiment; 

Figure 10b is a flow diagram showing 
schematically the process of operation of the earth 
30 station of Figure 3 in the first embodiment; 

Figure 10c is a flow diagram showing 
schematically the process of operation of the central 
database station of Figure 4 in the first embodiment; 

Figure lOd is a flow diagram showing 
35 schematically the process of operation of a subscriber 
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information module (SIM) held within the handset of 
Figure 8 in the first embodiment; 

Figure 11a is a an illustrative diagram showing 
the stages of formation of the enciphering key by a 
5 first handset terminal of Figure 8; and 

Figure lib is a corresponding illustrative 
diagram showing the process of formation of the 
enciphering key at a second such handset; 

Figure 12 is a flow diagram modifying the 
10 operation of that of Figure 10c in a third embodiment 

of the invention; 

Figure 13b is a flow diagram modifying the 
operation of that of Figure lOd in the third 
embodiment ; 

15 Figure 14 is a flow diagram illustrating 

schematically the stages of security provided in a 
fourth embodiment of the invention; 

Figure 15a is a block diagram showing 
schematically some of the functional elements present 

20 in the handset of Figure 8 according to the fourth 

embodiment of the invention; 

Figure 15b is a block diagram showing 
schematically some of the functional elements present 
in the database station of the fourth embodiment; 

25 * Figure 15c is a block diagram showing 

schematically some of the functional elements present 
in the earth station of the fourth embodiment; 

Figure 16a (incorporating parts of Figure 10a) is 
a flow diagram showing schematically the operation of 

30 a handset according to the fourth embodiment; 

Figure 16b (incorporating parts of Figure 10b) is 
a flow diagram showing schematically the process of 
operation of an earth station according to the fourth 
embodiment ; 

35 Figure 16c (incorporating parts of Figure 10c) is 
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a flow diagram showing schematically the operation of 
a database station according to the fourth embodiment; 
and 

Figure 16d (incorporating parts of Figure lOd) is 
5 a flow diagram showing schematically the operation of 

a subscriber information module according to the 
fourth embodiment . 
PREFERRED EMBODIMENT 

Referring to Figure 1, a satellite communications 

10 network according to this embodiment comprises mobile 

user terminal equipment 2a, 2b; orbiting relay 
satellites 4a, 4b; satellite earth station nodes 6a, 6b; 
satellite system gateway stations 8a f 8b; public 
switched telecommunications networks 10a, 10b; and 

15 fixed telecommunications terminal equipment 12a, 12b. 

Interconnecting the satellite system gateways 
8a, 8b with the earth station nodes 6a, 6b, and 
interconnecting the nodes 6a, 6b with each other, is a 
dedicated ground-based network comprising channels 

20 14a, 14b, 14c. The satellites 4, earth station nodes 6 

and lines 14 make up the infrastructure of the 
satellite communications network, for communication 
with the mobile terminals 2, and accessible through 
the gateway stations 8 . 

25 A terminal location database station 15 is 

connected, via a signalling link 60 (e.g. within the 
channels 14 of the dedicated network) to the gateway 
station and earth stations 6 . 

The PSTNs 10a, 10b comprise, typically, local 

30 exchanges 16a, 16b to which the fixed terminal 

equipment 12a, 12b is connected via local loops 
18a, 18b; and international switching centres 20a, 20b 
connectable one to another via transnational links 21 
(for example, satellite links or subsea optical fibre 

35 cable links). The PSTNs 10a, 10b and fixed terminal 
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equipment 12a, 12b (e.g. telephone instruments) are 
well known and almost universally available today. 

Each mobile terminal apparatus is in 
communication with a satellite 4 via a full duplex 
5 channel (in this embodiment) comprising a down link 

channel and an up link channel, for example (in each 
case) a TDMA time slot on a particular frequency 
allocated on initiation of a call, as disclosed in UK 
patent applications GB 2288913 and GB 2293725. The 
10 satellites 4 in this embodiment are non geostationary, 

and thus, periodically, there is hand over from one 
satellite 4 to another. 
Mobile terminal 2 

Referring to Figure 2, the mobile terminal 
15 equipment of Figure 1 is shown. 

One suitable form is a handset, as shown. 
Details of the handsets 2a, 2b etc do not form part of 
the present invention, but they may comprise handsets 
similar to those presently available for use with the 
20 GSM system, comprising a digital coder/decoder 30, 

together with conventional microphone 36, loudspeaker 
34, battery 40 and keypad components 38, and a radio 
frequency (RF) interface 32 and antenna 31 suitable 
for satellite communications. Preferably a display 39 
25 (for example a liquid crystal display) is also 

provided. A 'smart card' reader 33 receiving a smart 
card (SIM) 35 storing user information is also 
provided. 

The coder /decoder (codec) 30 comprises a low bit 
30 rate coder, generating a speech bit stream at around 

3.6 kilobits per second, together with a channel coder 
applying error correcting encoding, to generate an 
encoded bit stream at a rate of 4,8 kilobits per 
second. The low bit rate coder may, for example, be 
35 a linear predictive coder such as a multiple pulse 
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predictive coder (MPLPC) a code book excited linear 
predictive coder (CELP) , or a residual excited linear 
predictive coder (RELP) . Alternatively, it may employ 
some form of waveform coding such as subband coding. 
5 The error protection encoding applied may employ 

block codes, BCH codes, Reed-Solomon codes, turbo 
codes or convolutional codes. The codec 30 likewise 
comprises a corresponding channel decoder (e.g. using 
Viterbi or soft decision coding) and speech decoder. 
10 Also provided is a control circuit 3 7 (which may 

in practice be integrated with the coder 30) 
consisting of a suitably programmed microprocessor, 
microcontroller or digital signal processor (DSP) 
chip . 

15 The SIM 3 5 preferably complies with GSM 

Recommendations 02.17 "Subscriber Identity Modules", 
and 11,11 and is preferably implemented as an industry 
standard "Smart Card". The SIM 35 and reader 33 are 
therefore preferably as described in International 

20 Standards ISO 7810, 7811 and 7816; these and GSM 02.17 

and 11.11 are all incorporated herein by reference. 

Specifically, the SIM 35 includes a processor 35a 
and permanent memory 3 5b. The processor 35a is 
arranged to perform some encryption functions as 

25 described in greater detail below. 

Earth Station Node 6 

The earth station nodes 6 are arranged for 
communication with the satellites. 

Each earth station node 6 comprises, as shown in 

30 Figure 3, a conventional satellite earth station 22 

consisting of at least one satellite tracking antenna 
24 arranged to track at least one moving satellite 4, 
RF power amplifiers 26a for supplying a signal to the 
antenna 24, and 26b for receiving a signal from the 

35 antenna 24; and a control unit 28 for storing the 
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satellite ephemeris data, controlling the steering of 
the antenna 24, and effecting any control of the 
satellite 4 that may be required (by signalling via 
the antenna 24 to the satellite 4) . 
5 The earth station node 6 further comprises a 

mobile satellite switching centre 42 comprising a 
network switch 44 connected to the trunk links 14 
forming part of the dedicated network. A multiplexer 
46 is arranged to receive switched calls from the 

10 switch 44 and multiplex them into a composite signal 

for supply to the amplifier 26 via a low bit-rate 
voice codec 50. Finally, the earth station node 6 
comprises a local store 48 storing details of each 
mobile terminal equipment 2a within the area served by 

15 the satellite 4 with which the nodes 6 is in 

communication . 
Gateway 8 

Referring to Figure 4, the gateway stations 8a, 8b 
comprise, in this embodiment, commercially available 
20 mobile switch centres (MSCs) of the type used in 

digital mobile cellular radio systems such as GSM 
systems. They could alternatively comprise a part of 
an international or other exchange forming one of the 
PSTNs 10a, 10b operating under software control to 
25 interconnect the networks 10 with the satellite system 

trunk lines 14 . 

The gateway stations 8 comprise a switch 70 
arranged to interconnect incoming PSTN lines from the 
PSTN 10 with dedicated service lines 14 connected to 
30 one or more Earth station nodes 6, under control of a 

control unit 72* The control unit 72 is capable of 
communicating with the data channel 60 connected to 
the database station 15 via a signalling unit 74, and 
is arranged to generate data messages in some suitable 
35 format (e.g. as packets or ATM cells) . 
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Also provided in the gateway stations 8 is a 
store 76 storing billing, service and other 
information relating to those mobile terminals 2 for 
which the gateway station 8 is the home gateway 
5 station. Data is written to the store 76 by the 

control unit 72 after being received via the 
signalling unit 74 or switch 70, from the PSTN 10 or 
the Earth station nodes 6 making up the satellite 
network. This store acts in the manner of a visiting 

10 location register (VLR) of a terrestrial GSM network, 

and a commercially available VLR may therefore be used 
as the store 76 . 

The satellite system trunk lines 14 comprise, in 
this embodiment, high quality leased lines meeting 

15 acceptable minimum criteria for signal degradation and 

delay. In this embodiment, all the lines 14 comprise 
terrestrial links . The trunk lines 14 are preferably 
dedicated lines, so that the lines 14 form a separate 
set of physical channels to the networks 10. However, 

20 the use of virtual circuits through the networks 10 is 

not excluded . 
Database Station 15 

Referring to Figure 5 the database station 15 
comprises a digital data store 54, a signalling 

25 circuit 56, a processor 58 interconnected with the 

signalling circuit 56 and the store 54, and a 
signalling link 6 0 interconnecting the database 
station 15 with the gateway stations 8 and Earth 
stations 6 making up satellite system network, for 

30 signalling or data message communications. 

The store 54 contains, for every subscriber 
terminal apparatus 2, a record showing the identity 
(e.g. the International Mobile Subscriber Identity or 
IMSI) ; the current status of the terminal 2 (whether 

3 5 it is "local" or "global" as will be disclosed in 
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greater detail below) ,* the geographical position of 
the mobile terminal 2 (either in co-ordinate geometry, 
or as code identifying an area within which it lies) ; 
the "home" gateway station 8 with which the apparatus 
5 is registered (to enable billing and other data to be 

collected at a single point) and the currently active 
Earth station node 6 with which the apparatus 2 is in 
communication via the satellite 4 . The contents of 
the store are indicated in Figure 6 . 

10 Further, in this embodiment the store contains 

for each user a unique and individual enciphering key 
Ki, to be used as described below. 

The signalling unit 56 and processor are arranged 
to receive interrogating data messages, via the 

15 signalling circuit €0 (which may be a packet switched 

connection), from gateways 8 or nodes 6, comprising 
data identifying one of the mobile terminals 2 (for 
example, the telephone number of the equipment 2) , and 
the processor 58 is arranged to search the store 54 

20 for the status and active earth station node 6 of the 

terminal 2 and to transmit these in a reply message 
via the data line 60. 

Thus, in this embodiment the database station 15 
acts to fulfil the functions both of a home location 

2 5 register (HLR) of a GSM system, and of an 

authentication centre (AuC) of a GSM system, and may 
be based on commercially available GSM products . 
Satellites 4 

The satellites 4a r 4b comprise generally 
30 conventional communications satellites, such as the 

known Hughes HS 601 model, and may be as disclosed in 
GB 2288913 . Each satellite 4 is arranged to generate 
an array of beams covering a footprint beneath the 
satellite, each beam including a number of different 

3 5 frequency channels and time slots, as described in 
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GB 2293725 and illustrated in Figure 7a. 

The satellites 4a are arranged in a constellation 
in sufficient numbers and suitable orbits to cover a 
substantial area of the globe (preferably to give 
5 global coverage) for example 10 (or more) satellites 

may be provided in two (or more) mutually orthogonal 
intermediate circular orbits at an altitude of, for 
example, 10,500 kilometres as shown in Figure 7b. 
Equally, however, larger numbers of lower satellites 
10 may be used, as disclosed in EP 0365885, or other 

publications relating to the Iridium system, for 
example . 

Registration and Location 

In one embodiment, a customer mobile terminal 

15 apparatus 2 may be registered with one of two distinct 

statuses; "local" in which the mobile terminal 
apparatus is permitted only to communicate through one 
local area, or part of the satellite system network, 
and "global", which entitles the apparatus to 

20 communicate through any part of the satellite system 

network . 

The status of each apparatus 2 (i.e. "local 11 or 
"global") is stored in the record held for the 
apparatus 2 concerned in the store 54 of the database 

25 station 15. 

The mobile terminal apparatus 2 performs an 
automatic registration process, of the kind well known 
in the art of cellular terrestrial communications, on 
each occasion when the terminal 2 is utilised for an 

30 outgoing call; and/or when the apparatus 2 is switched 

on; and/or periodically whilst the apparatus 2 is 
switched on. As is conventional, the registration 
process takes the form of the broadcasting of a signal 
identifying the mobile terminal 2 (e.g. by 

35 transmitting its telephone number on a common hailing 
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or signalling frequency) . 

The transmitted signal is picked up by one or 
more satellites 4. Under normal circumstances, the 
signal is picked up by multiple satellites 4, and the 
5 received signal strength and/or time of arrival are 

transmitted, together with the identity of the mobile 
apparatus 2 and of the satellite 4 receiving the 
signal, to the database station 15 via the earth 
stations node or nodes 6 for which the satellites 4 

10 are in communications, and the signalling line 60. 

The processor 58 of the database station 15 then 
calculates, e.g. on the basis of the differential 
arrival times, the terrestrial position of the mobile 
terminal apparatus 2, which is stored in the database 

15 54. Also stored is the identity of the earth station 

node 6 most suitable for communicating with the mobile 
terminal apparatus 2 (the "active" station) . This is 
typically found by the processor 58 comparing the 
stored position of the terminal 2 with the 

20 predetermined stored positions of each of the earth 

station nodes 6 and selecting the nearest. However, 
account may also or instead be taken of the strength 
of the signals received via the satellites 4, or of 
other factors (such as network congestion) to result, 

25 in borderline cases, in the choice of a node earth 

station which is not geographically closest to the 
mobile terminal equipment 2 . The identity of the 
allocated active earth station node 6 is then likewise 
stored in the store 54 in the record for that terminal 

30 apparatus . 

CALL SET UP AND ROUTING 

The processes of routing calls to and from mobile 
terminal apparatus 2 are described fully in 
GB-A-2295296 or PCT/GB95/01087 , both of which are 
35 hereby incorporated fully by reference. Briefly, for 
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a local user outside its area, a call placed to the 
user or from the user is referred to the database 
station which determines that the user is outside of 
its area and thereafter does not process the call. 
5 For a local user which is inside its area, in the 

preferred embodiment described in the above referenced 
British and International application, calls to or 
from the user are set up over the satellite link, via 
the active earth station 6, the ground network, and 
10 the international public switch telephone network 

(PSTN) from the nearest gateway 8 to the terrestrial 
user . 

For global users, calls are routed via the 
satellite and the active earth station, then via the 

15 ground network to the gateway station 8 nearest to the 

terrestrial user. 

The dial numbers allocated to mobile users may 
have "International" prefixes followed by a code 
corresponding to the satellite service network. 

20 Alternatively, they could have a national prefix 

followed by a regional code assigned to the satellite 
service . 

Calls between one mobile user and another are 
carried out by directing the signal via a first 

25 satellite link down to the active earth station node 

of the first mobile user, via the ground network to 
the active earth station node of the second mobile 
user (which may be, but is not necessarily, the same 
as that of the first) and then via a second satellite 

3 0 link {which may, but does not need to be via the same 

satellite) to the second mobile user. 
FIRST EMBODIMENT 

Figure 8 shows in greater detail the signal flow 
through the elements of the mobile terminal of Figure 

35 2. Signals received from the ariel 31 are RF 
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demodulated by RF modem 32 and supplied to the 
processor circuit 37 which is arranged, when in 
enciphering mode, to decipher the received data using, 
for example, the A5 algorithm in accordance with a 
5 deciphering key supplied from the SIM 35. The 

deciphering key is referred to as K ab . 

The deciphered bit stream is then passed to a 
channel codec 3 0b which performs error correcting 
decoding and the error corrected speech signal is 
10 supplied to low bit rate codec 3 0a which includes a 

digital to analog converter, the analog output of 
which is supplied to loudspeaker 34, 

Speech from the microphone 36 is supplied to the 
low bit rate codec 30a which includes an analog to 
15 digital converter, and the resulting low bit rate 

speech signal is encoded by the channel codec 30b to 
include error protection. The error protected bit 

d. when in encioherincr mode, by 
the control circuit 37 and the encrypted bit stream is 
20 supplied to the RF modem 32 for transmission from the 

aerial 31. 

Referring to Figures 9, 10 and 11, the process of 
setting up the enciphered mode of communication will 
now be described in greater detail. 

25 During a communication session between two user 

terminals 2a, 2b, a user of one or both terminals 
elects to continue the conversation in encrypted form. 
Accordingly, referring to Figure 10a, in step 1002 the 
invoking party enters a sequence of key strokes from 

30 the keyboard 3 8 which is recognised by the processor 

3 7 as an instruction to invoke security and 
accordingly the processor 37 transmits, in step 1002, 
a signal to invoke enciphering on an inband or 
associated control channel . 

35 Referring to Figure 10b, at the earth station 6, 
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in step 1102 the privacy request signal is received 
and in step 1104 the signal is sent in parallel to the 
central database station 15 (with the identity codes 
indicating the identities of the terminals 2a and 2b) 
5 and to the second user terminal 2b. 

At the second user terminal 2b, receipt of the 
privacy signal occurs in step 1002 of Figure 10a. 

Referring to Figure 10c, at the central database 
station the privacy signal is received in step 1202. 

10 In step 1204, the controller 58 of the database 

station 15 accesses the memory 54 and reads out the 
individual enciphering key K a stored for the first 
mobile terminal 2a, and the key K b stored for the 
second mobile terminal 2b. 

15 In step 1206, the controller 58 generates a 

pseudo random number (RAND) . 

In this embodiment, the keys K a and K b are each 
128 bit binary numbers and the random number RAND is 
another 128 bit binary number. 

20 In step 1208, the controller 58 calculates first 

and second partial keys Kp a , Kp b . The calculation of 
the second partial key is illustrated in Figure 11a; 
this calculation comprises generating a 128 bit number 
each bit of which comprises the exclusive OR function 

25 of the bits in corresponding positions of the second 

terminal key K b and the random number RAND . Thus, the 
second partial key Kp b is equal to K b + RAND (where + 
indicates the exclusive -OR operation for binary 
numbers) . 

3 0 The first partial key Kp a is calculated in exactly 

the same way, by performing a bit -wise exclusive-OR 
operation between the first terminal key K a and the 
random number RAND, as shown in Figure 10b. 

In step 1210, the central database station 15 

35 transmits the first partial key (KpJ , to the second 
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terminal 2b and the second partial key (Kp b ) to the 
first terminal 2a, via the signalling network 60, and 
the respective earth stations 6b and 6a and satellites 
4b and 4a. 

5 At this stage, each individual terminal key has 

been "scrambled" by the exclusive OR operation with 
the random number RAND. An unauthorised eavesdropper 
who monitors one of the partial keys cannot learn the 
terminal key from it from because he faces two 
10 unknowns; the random number RAND and the terminal key. 

Even an unauthorised eavesdropper who monitors both 
partial keys cannot derive either the random number or 
one of the terminal keys, because he has only two data 
from which to derive three unknowns ; the best that can 
15 be derived is the difference between the two terminal 

keys, which is of no value. 

Referring now to Figure 10b, in step 1106 each 
earth station receives the partial key and forwards it 
to the mobile terminal in step 1108 . 
20 Referring to Figure 10a, in step 1004, each of 

the mobile terminals receives a corresponding partial 
key. In step 1006, the partial key is transmitted via 
the card reader 33 to the SIM 35. 

Referring to Figure 10d, in step 1302, the SIM 
25 receives the partial key and in step 13 04 the SIM 

reads the terminal key from within the memory 35b. In 
step 1306, the SIM processor 35a calculates the 
enciphering key, by performing a bit wise exclusive -OR 
operation between the received partial key and the 
30 stored terminal key to generate a new 12 8 bit binary 

number. In step 1308, the SIM 35 supplies the 
enciphering key thus calculated (termed K ab ) via the 
card reader device 33 to the terminal processor 37. 

It will be recalled that the partial key supplied 
35 to the first terminal 2a comprised the product of an 
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exclusive-OR function between the terminal key K b of 
the second terminal 2b and the random number RAND 
(Kp b =K b +RAND) . Thus, as shown in Figure 10a, the 
enciphering key calculated in step 1306, as the 
5 product of an exclusive-OR operation between this 

partial key Kp b and the terminal key K a , is 
K ab =K b +RAND+K a . 

Likewise, at the second terminal 2b, as shown in 
Figure 10b, the enciphering key K ab calculated is the 

10 product of the exclusive-OR operation between the 

partial key Kp a and the terminal key K b ; in other 
words , K ab = K a + RAND+ K b . 

Since the exclusive-OR operation obeys the 
associative law of mathematics, these two results are 

15 identical; in other words, each terminal calculates 

the same enciphering key. 

Referring back to Figure 10a, in step 1008 the 
terminal processor 37 receives the encryption key K ab 
and in step 1010 the terminal 3 7 switches to 

2 0 encryption mode. Thereafter, as shown in step 1012, 

the processor 37 functions to encrypt the bit stream 
from the codec 3 0 prior to RF modulation and 
transmission, and to decrypt the corresponding bit 
stream from the RF modem 32 prior to supply thereof to 

2 5 the codec 30. 

The encryption algorithm may be any suitable 
algorithm and may be openly known (since • the 
encryption key itself is secret) . In particular, 
conveniently the encryption algorithm is the A5 

3 0 encryption algorithm used in GSM handsets and 

described in the above referenced Recommendations; 
this is already present in most GSM handsets. 

Thus, to recap, as shown in Figure 9, in this 
embodiment each terminal 2 has an associated unique 
3 5 terminal key which is stored in the SIM 3 5 held within 
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the terminal and in the central database station 15. 
The enciphering key used is a function of both 
terminal keys. The database station 15 distributes to 
one terminal 2 the terminal key of the other terminal. 
5 The terminal keys are distributed in masked form. 

The masking in this embodiment takes the form of an 
exclusive -OR operation with a random number. The 
operation performed at each terminal to combine its 
own terminal key with the other, masked, terminal key 
10 results in each terminal producing an encrypted 

terminal key which is the same function of both 
terminal keys. This is conveniently arranged in this 
embodiment by processing each terminal key in 
accordance with the same terminal number. 
15 Transmitting the terminal keys in masked form 

prevents an eavesdropper from gaining access to either 
terminal key. By changing the masking on each session 
operation (e.g. by generating a continually changing 
sequence of pseudo- random numbers) an eavesdropper 
20 cannot learn the masking function over time. 

Nor is it possible for either terminal or SIM to 
work out the other's terminal key, since this is 
masked even from the terminals themselves. 

Finally, as in GSM systems, neither terminal 
25 knows its own terminal key, because it is stored on 

the SIM, to which access is denied from the terminal. 
This is important since, otherwise, one terminal could 
in principle listen to the partial key sent to the 
other terminal and, knowing its own terminal key, 
3 0 derive the random number from which it could then 

decipher the other terminal key from the partial key 
transmitted to it. 
grernttm EMBODIMENT 

In a second embodiment, security is further 
3 5 improved by reducing the opportunities for 
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unauthorised tampering at the central database 
station. The second embodiment works substantially as 
the first except that, as shown in Figure 11, instead 
of steps 1204 to 1210 of Figure 10c being performed, 
5 steps 1404 to 1420 are performed. 

Accordingly, after step 1202, the processor 58 
first accesses the first terminal key K a in step 1404; 
then calculates the random number in step 14 06 (as 
described above in relation to step 1206 ) ; then 

10 calculates the first partial key in step 1408 (as 

described above in relation to step 1208) ; then sends 
the first partial key in step 1410 (as described above 
in relation to step 1210) . 

After these operations, any locally stored copies 

15 of K a and Kp a are erased. Then, in step 1414, the 

processor 58 accesses the second terminal key K b , 
calculates the second partial key (step 1416) ; sends 
the second partial key (step 1418) ; and erases the 
second partial key and second terminal key (step 

20 1420) . 

Thus, in this embodiment, access to the two 
partial keys and terminal keys is separated in time, 
reducing the possibilities for eavesdropping or 
fraudulent use of the database station 15. 

25 It will be apparent that access to the two 

partial keys and/or terminal keys could be separated 
in other manners; for example, by sending the two 
terminal keys to physically separate devices and then 
sending the random number to each of the devices for 

30 combination there with the terminal keys. 

Rather than sending the same random number to two 
different devices, for additional security, two 
identical, in-step, random number generators may be 
provided at two different locations, to which the two 

35 terminal keys are sent. Thus, access to the two 
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terminal keys and/or partial keys may be separated 
physically as well as, or instead of, in time. 
THIRD EMBODIMENT 

In the above embodiments, the partial keys Kp a , Kp b 
5 are transmitted en clair. In this embodiment, 

securing is further increased by enciphering each for 
transmission . 

Although it would be possible to use a common 
cipher, this would be undesirable since eavesdroppers 
0 with access to the common cipher (e.g. other 

authorised users of the privacy service) might be able 
to decipher the cipher. 

Equally, it is preferred not to use an air 
interface cipher of the type known in the GSM system 
.5 because this would be open to interception in the 

fixed part of the network. 

Accordingly, in this embodiment, the SIM 35 
stores a decryption algorithm (v/hich may conveniently 
be the A5 algorithm used in GSM systems) and the 
>0 database station 15 is arranged to execute the 

corresponding encryption algorithm. 

Referring to Figure 13a, in this embodiment the 
process of Figure 10c of the first embodiment is 
modified by the inclusion of a step 1209, between 
25 steps 1208 and 1210, in which each partial key is 

enciphered using the terminal key of the terminal to 
which it will be sent and is transmitted in enciphered 
form. 

At each terminal, referring to Figure 13b, in 
30 this embodiment the SIM processor 3 5a performs an 

additional step 1305 between steps 1304 and 1306. In 
step 13 05, the received partial key is decrypted using 
the terminal key, prior to calculating the ciphering 
key. 

35 Thus, in this embodiment, additional security is 
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provided by encrypting the transmitted partial keys; 
particular conveniently, the encryption makes use of 
the terminal key of the destination terminal, so to 
avoid the need to store further encryption data. 
5 Obviously, however, other forms of encryption are 

possible; in particular, more sophisticated encryption 
algorithms in which an additional random number is 
also sent would be possible. 

Finally, it may be mentioned that where the 

10 encryption scheme described in this embodiment is 

used, it would be possible to directly encrypt the 
transmitted terminal keys, rather than partial keys 
formed by masking the terminal keys. This should 
still offer good security in most circumstances, since 

15 only in the SIM 3 5 are the received terminal keys 

deciphered. However, where there is a risk that 
fraudulent SIMs might be manufactured then masking to 
produce a partial key will be employed since this 
conceals even from the SIM the identity of the other 

2 0 terminal key . 

FOURTH EMBODIMENT 

In this embodiment, the principle of the first 
embodiment is utilised, in combination with the air 
interface encipherment and authentication system 

25 present in GSM compatible networks and specified in 

the above GSM recommendations. 

Referring to Figure 14, the security features are 
applied in the following order: 

Authentication (step 2002) ; Air- Interface 

30 encryption (step 2004) ; End-to-End encryption (step 

2006) . 

Essentially, the first two steps are as in 
existing GSM networks and the third is as described 
above as in relation to the first embodiment. 
35 However, for the sake of clarity, further description 
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will be given hereafter. 

Referring to Figure 15a, the functions performed 
by the handset processor 37 and SIM 35 will be 
described as separate functional blocks; each 
5 functional block could, of course, be implemented by 

a separate microprocessor or digital signal processor 
(DSP) device but in this embodiment, in fact, only one 
such processor device is present in the handset and 
one in the SAN 35. 
10 Referring to Figure 15a, signals received from 

the antenna 31 and demodulated by the RF modem 32 are 
passed through a first enciphering/deciphering stage 
3 72 arranged to apply the A5 algorithm known from GSM 
in accordance with an air interface enciphering key K c , 
15 and a second enciphering/deciphering stage 374 

arranged to apply a second deciphering algorithm 
(conveniently, again, the A5 algorithm used in the GSM 
system and described in the above Recommendations) 
deciphering in accordance with an end-to-end 
20 enciphering key K a , b . The deciphered bit stream is 

thereafter supplied to the codec 30. 

Similarly, the speech bit stream from the codec 
30 passes through the two enciphering/deciphering 
stages 372,374 in the reverse order; for clarity, the 
25 signal path has been omitted from Figure 15a. 

Within the SIM 35 is located a terminal key 
storage register 3 52 storing the terminal key K t for 
the terminal. The terminal key storage register 352 
is connected to supply the terminal key Kj to a 
30 signature calculation stage 354, arranged to calculate 

a "signed response" number (SRES) used to authenticate 
the terminal, in accordance with the A3 algorithm 
described in the above mentioned GSM Recommendations 
and used in GSM systems. The response calculation 
35 stage 354 is also connected, via the card reader 
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device 33, to receive a random number (RAND1) from the 
unenciphered bit stream output from the RF modem 32. 

The terminal key register 352 is also connected 
to supply the terminal key K t to a first key generation 
5 stage 356, which is also arranged to receive the 

random number (RAND 1) and to calculate therefrom an 
air interface enciphering key K c in accordance with the 
A8 algorithm described in the above GSM 
Recommendations and used in GSM systems. The key thus 

10 calculated is supplied, via the card reader device 33, 

to the first (air interface) enciphering/deciphering 
stage 372 of the terminal processor 37. 

The terminal key register 352 is also connected 
to supply the terminal key to a second key generation 

15 stage 358, which is arranged to generate an 

enciphering key K ab for end- to -end encryption (as 
described in the first embodiment above) utilising the 
terminal key Ki and the partial key Kp b which it is 
connected to receive (via the card reader device 33) 

20 from the deciphered output of the first (air 

interface) enciphering/deciphering stage 372 of the 
terminal processor 37. 

The end-to-end enciphering key thus calculated is 
supplied to the second (end-to-end) enciphering/ 

25 deciphering stage 374 of the terminal processor 37. 

Referring to Figure 15b, the central database 
station comprises, in this embodiment, a random number 
generator 582 arranged to generate, on each occasion 
of use, a new binary 128 bit number (RAND1) in a 

3 0 random sequence; a store 54 storing the terminal keys 

K t ; a key generation stage 584 which is connected to 
receive a terminal key from the store 54 , and the 
random number (RAND1) , and to calculate therefrom an 
air interface enciphering key K,. in accordance with the 

35 A8 algorithm (described in the above GSM 
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recommendations and used in GSM systems) ; and a 
signature calculation stage 586, which likewise is 
connected to receive the terminal key and the random 
number, arranged to calculate the signed response 
5 number (SRES) in accordance with the A3 algorithm 

(described in the. above mentioned GSM Recommendation 
and used in GSM systems) . 

The outputs of the random number generator stage 
582, signed response generator stage 586 and key 

10 generation stage 584 are connected to the signalling 

circuit 56 for transmission to the earth stations 6. 

Referring to Figure 15c, each earth station 6 
comprises (within the database 48) a triplet register 
482 arranged to store a predetermined number (e.g. 5) 

15 of triplets each comprising a random number, a 

corresponding signed response (SRES) and a 
corresponding air interface encryption key (K c ) , 
supplied via the signalling circuit 60 from the 
database station 15 . 

20 On each occasion when a mobile terminal 2 

registers with the earth station 6, the earth station 
requests the supply of the predetermined number of 
triplets from the central database station 15, which 
accordingly generates the predetermined number of 

25 triplets and transmits them for storage in the 

registers 482 via signalling channel 60, 

Also provided within the earth station 6 is a 
comparator 282 coupled to the triplet register 4 82 and 
to the air interface components 24, 26 of the earth 

30 station 6, and arranged to compare a signed response 

(SRES) number received from a mobile terminal 2 with 
a signed response stored in the register 482, and to 
indicate correspondence (or absence thereof) between 
the two numbers . If the two numbers do not 

35 correspond, the user is not authenticated and service 
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is discontinued by the control unit 28. 

Finally, the earth station 6 comprises an air 
interface encryption stage 284 arranged to encipher 
and decipher in accordance with the A5 algorithm 
5 {known from GSM) making use of an air interface 

enciphering key K c supplied from the triplet register 
482 . 

In the enciphering direction, the air interface 
enciphering/deciphering stage 284 receives an input 

10 from the codec 50 and delivers its output to the air 

interface components 24,26; whereas in the deciphering 
direction the enciphering/deciphering stage 2 84 
receives its input from the air interface components 
24, 26 and delivers its output to the codec 50. 

15 The operation of this embodiment will now be 

described in greater detail with reference to Figures 
16a to 16d. In Figures 16a to 16d, steps of the 
processes of Figure 10a to lOd, which will not be 
discussed further in detail, are incorporated. 

20 As in Figure 10a, a request for privacy is 

initiated by one of the parties and a privacy request 
signal is transmitted from the terminal 2a. 

Following receipt (step 1102} of the privacy 
signal at the earth station 6a and forwarding thereof 

25 (step 1104) to the database station 15, referring to 

Figure 16c, steps 1202 and 1204 are performed to 
derive the terminal keys of the two terminals . 

Then, in step 1205, a test is performed to 
determine whether both subscribers are authorised to 

30 use end-to-end encryption. If so, steps 1206 to 1210 

of Figure 10c are performed. Subsequently, or if not, 
the database station 15 proceeds to step 1212, in 
which it transmits a signal to the earth station (s) 
6a, 6b serving the two terminals 2a, 2b to instruct them 

35 to perform a terminal authentication check and to 
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commence air interface encryption. 

Referring back to Figure 16b , each earth station 
6, on receipt of the instruction signal and partial 
key (step 1110) , sends an authentication interrogation 
5 message (step 1112) which includes the next random 

number RAND1 obtained from the triplet register 482. 
Additionally, as in the GSM system, a key number may 
be transmitted for further verification. 

Referring back to Figure 16a , on receipt of the 
10 authentication request message (step 1014) the random 

number (RAND1) is extracted and sent to the SIM 35 
(step 1016) . 

Referring to Figure 16d, at the SIM 35, on 
receipt of the random number RAND1 (step 1310) , the 
15 SIM processor 3 5a looks up the terminal key K a , (step 

1312) and calculates the signed response (SRES) using 
the A3 algorithm (step 1314) . 

In step 1316, the SIM processor 35a calculates 
the air interface enciphering key K c using the random 
20 number (RAND1) and the terminal key K a . In step 1318, 

the SIM 35 transmits the signed response number (SRES) 
and the air interface enciphering key (K c ) to the 
terminal processor 3 7 via the card reader device 33. 
Subsequently, the SIM 3 5 executes the process of 
25 Figure lOd. 

Referring to Figure 16a, on receipt of the signed 
response number (SRES) in step 1018, the terminal 
processor 3 7 transmits the SRES number to the earth 
station 6a (step 1020) . 
30 Referring to Figure 16b, the earth station 6 

receives the signed response number (1114) and 
compares it with the stored signed response number 
held in the triplet register 482 (step 1116) . 

If the two do not match, then the call is 
3 5 terminated (step 1117) . Alternatively, further 
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attempts at authentication may be made if desired. 

If the signed response received from the mobile 
terminal 2 matches the stored signed response in step 
1116, the earth station 6 reads the enciphering key K c 
5 stored in the triplet register 4 82 corresponding to 

the signed response just received, and (step 1118) 
commences enciphering all future traffic to, and 
deciphering all future traffic from, the mobile 
terminal 2 using the A5 algorithm together with the 

10 enciphering key K c . As is conventional in GSM systems, 

the frame number may also be used as an input to the 
enciphering algorithm. 

The earth station 6 thereafter returns to step 
1108 of Figure 10c, to send the partial key received 

15 from the database station 15 to the terminal 2, but in 

this embodiment this takes place in enciphered form. 

Returning to Figure 16a, on receipt of the air 
interface encryption key K c (step 1022) from the SIM 
35, the terminal processor 37 starts the enciphering/ 

20 deciphering mode in which all traffic received from 

the air interface modem 32 is deciphered and all 
traffic transmitted to the air interface modem 32 is 
enciphered using the A5 algorithm and the air 
interface enciphering key K c ; where the earth station 

25 6 additionally makes use of the frame number, the 

terminal 2 likewise does so. 

The process performed by the terminal processor 
37 then returns to step 1004 of Figure 10a, to receive 
(in encrypted form) f decrypt and use the partial 

30 enciphering key Kp b received from the earth station 6. 

Although the above description assumes that 
neither terminal has recently been authenticated, and 
that neither terminal is already in air interface 
encryption mode, it will be understood that this need 

35 not be the case. If either terminal is already 
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applying air interface encryption, then the 
corresponding steps described above to set up 
authentication and air interface enciphering are not 
performed again. 
5 In the above embodiment, additional safeguards 

may be provided; for example, to initiate secure 
communications, the terminal user may be required to 
input a PIN code for matching with data held on the 
SIM. 

10 It will be understood that, where the invention 

is practised in a GSM -compatible system or the like, 
the SIM 3 5 will contain further information in the 
form of the international mobile subscriber identity 
number (IMSI) , and optionally lists of phone numbers 
15 for speed dial or other purposes. 

The invention is conveniently practised by 
maintaining lists at the database station 15, each of 
which specifies the members of a corresponding closed 
user group (CUG) . Members of one closed user group 
20 are thereby permitted to correspond with other members 

of the same user group. For example, closed user 
groups might comprise armed services personnel of 
different countries; or emergency services personnel 
of different countries. 
25 OTHER EMBODIMENTS 

It will be clear from the foregoing that the 
above described embodiment is merely one way of 
putting the invention into effect. Many other 
alternatives will be apparent to the skilled person 
3 0 and are within the scope of the present invention. 

For example, the numbers of satellites and 
satellite orbits indicated are purely exemplary. 
Smaller numbers of geostationary satellites, or 
satellites in higher altitude orbits, could be used; 
35 or larger numbers of low earth orbit (LEO) satellites 
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could be used. Equally, different numbers of 
satellites in intermediate orbits could be used. 

Although TDMA has been mentioned as suitable 
access protocol, the present invention is fully 
5 applicable to other access protocols, such as code 

division multiple access (CDMA) or frequency division 
multiple access (FDMA) . 

Whilst the principles of the present invention 
are envisaged above as being applied to satellite 
10 communication systems, the use of the invention in 

other communications systems (e.g. digital 

terrestrial cellular systems such as GSM) is also 
possible . 

Although, for the sake of convenience, the term 

15 "mobile" has been used in the foregoing description to 

denote the terminals 2, it should be understood that 
this term is not restricted to hand-held or hand- 
portable terminals, but includes, for example, 
terminals to be mounted on marine vessels or aircraft, 

20 or in terrestrial vehicles- Equally, it is possible 

to practice the invention with some of the terminals 
2 being completely immobile . 

Instead of providing a single central database 
station 15 storing details of all terminal equipment 

25 2, similar details could be stored at the home gateway 

8 for all terminal equipment to register with that 
home gateway 8 . 

Equally, whilst in the above described 
embodiments the central database station 15 acts as a 

30 Home Location Register (HLR) of a GSM system, and may 

be provided using commercially available HLR hardware, 
and the databases within each earth station 6 act in 
the manner of visiting location registers (VLRs) and 
may likewise use commercially available GSM hardware, 

35 it will be understood that the information relating to 
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different users could be distributed between several 
different databases. There could, for instance, be 
one database for each closed user group, at physically 
different positions . 
5 Whilst in the fourth embodiment above the same 

terminal key K ± is used for secure end-to-end 
encryption as is used for air interface encryption, it 
will be clear that this is not necessary; each 
terminal could store two different terminal keys, one 

10 for air interface encryption and one for end-to-end 

encryption* In this case, a separate authentication 
centre database could be provided for end-to-end 
encryption key distribution to that which is used in 
conventional air interface encryption. 

15 Although in the foregoing embodiments, the same 

(A5) cipher algorithm used for the air interface 
encryption of the GSM system is proposed for use in 
end- to -end encryption, it will be apparent that a 
different cipher could be used; in this case, 

20 terminals would include two different enciphering 

stages for use in the fourth embodiment. Further, 
where multiple closed user groups are provided, each 
closed user group could use a different cipher. 

In the foregoing, the gateways 8 may in fact be 

25 comprised within an ISC or exchange or mobile 

switching centre (MSG) by providing additional 
operating control programmes performing the function 
of the gateway. 

In the foregoing, dedicated ground networks lines 

30 have been described, and are preferred. However, use 

of PSTN or PLMN links is not excluded where, for 
example, leased lines are unavailable or where 
temporary additional capacity is required to cope with 
traffic conditions. 
35 It will naturally be clear that the stores within 
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the gateways 8 need not be physically co-located with 
other components thereof, provided they are connected 
via a signalling link. 

Whilst, in the foregoing, the term "global" is 
5 used, and it is preferred that the satellite system 

should cover all or a substantial part of the globe, 
the invention extends also to similar systems with 
more restricted coverage (for example of one or more 
continents) . 

10 Whilst the foregoing embodiments describe duplex 

communications systems, it will be clear that the 
invention is equally applicable to simplex (one way) 
transmission systems such as point- to-multipoint or 
broadcast systems . 

15 Equally, whilst the preceding embodiments 

described direct transmission systems, it will be 
clear that the invention is applicable to store-and- 
forward communications systems in which one party 
transmits a message for storage and subsequent later 

20 delivery or transmission to the other party. 

One example of such a store -and- forward system is 
e-mail, for example of the type provided by Compuserve 
(TM) or MCI (TM) . Another example is the Internet, 
which, as is well known, consists of a number of host 

25 computer sites interconnected by a backbone of high 

speed packet transmission links, and accessible for 
file transfer from most points in the world via public 
telecommunications or other networks. 

In an embodiment of this type, a central database 

30 station 15 need not distribute keys to both terminals 

at the same time; instead, distribution of the partial 
key to the transmitting terminal may take place at the 
time of transmission of a file of data for storage in 
encrypted form, and distribution of a partial key to 

3 5 the receiving terminal may take place substantially 
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later; for example, at the next occasion when the 
receiving terminal is connected to the network and/or 
the next occasion when the receiving terminal wishes 
to download the file from intermediate storage in a 
5 host computer. 

Naturally, it will be understood that whilst the 
above embodiments discuss voice transmission, the 
invention is applicable to the encryption of data of 
any kind and particularly, but not exclusively, to 

10 image data, video data, text files or the like. 

It will be understood that the geographical 
locations of the various components of the invention 
are not important, and that different parts of the 
system of the above embodiments may be provided in 

15 different national jurisdictions. For the avoidance 

of doubt, the present invention extends to any part or 
component of telecommunications apparatus or systems 
which contributes to the inventive concept. 

The foregoing, and all other variants, 

20 embodiments, modifications or improvements to the 

invention are intended to be comprised within the 
present invention . 
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1- A method of distributing, through a 
communications network, enciphering key data for 
secure communication via said network between first 
5 and second terminals (2a, 2b) each storing 

corresponding first and second terminal keys (K a ,K b ) 
comprising : 

storing said first and second terminal keys 
(K a/ K b ) remotely to said terminals (2a, 2b); 
10 generating first and second corresponding partial 

keys (K^K^) each comprising a corresponding masking 
function of a corresponding one of said terminal keys 
<K a , K b ) ; and 

dispatching the first partial key (KpJ towards 
15 the second terminal (2b) , and vice -versa. 

2. A method according to claim 1, further 
comprising providing a number (RAND) , and in which 
each masking function is a joint function of said 
number and a corresponding said terminal key- 

2 0 3. A method according to claim 2, in which the 

first and second functions comprise an Exclusive-OR . 

4. A method according to claim 1, in which the 
first and second functions are the same. 

5. A method according to any preceding claim, 
25 further comprising receiving a request signal 

requesting enciphering. 

6 . A method according to claim 5 when appended 
to claim 2, in which said step of providing comprises 
providing a new said number (RAND) in response to said 
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request signal. 

7. A method according to claim 2 or any of 
claims 3 to 6 when appended thereto, in which said 
step of providing a number comprises pseudo randomly 

5 generating said number. 

8. A method according to any preceding claim, 
further comprising a step of enciphering at least one 
of said first and second partial keys (Kp a , Kp b ) prior 
to said step of dispatching. 

10 9. A method according to claim 8 in which each 

of said first and second keys is enciphered with a 
different cipher. 

10. A method according to claim 9 in which each 
of said first and second keys is enciphered with a 

15 common enciphering algorithm using said first and 

second keys as ciphering keys, 

11. A method according to any preceding claim, 
further comprising a step of authenticating at least 
one said terminal (2a, 2b) through a signalling 

20 dialogue, prior to said step of dispatching. 

12. A method according to any preceding claim, 
further comprising separating access to said partial 
keys and functions at the location (15) where they are 
generated. 

25 13. A method of communication between two 

terminals (2a, 2b) through a communications network 
comprising : 

distributing enciphering key data to said first 
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and second terminals via said network from a remote 
location; 

using said enciphering key data to derive an 
enciphering key (K ab ) at each of said terminals 
5 (2a, 2b) ; 

enciphering data for transmission at a first said 
terminal (2a) ; 

transmitting said enciphered data through said 
communications network ; 
10 receiving said enciphered data at the second 

terminal (2b) ; and 

deciphering said enciphered data. 

14 . A method according to claim 13 in which at 
least one of the terminals (2a f 2b) is mobile. 

15 15 . A method according to claim 13 or claim 14 

in which the communications path to at least one of 
the terminals includes an air interface. 

16 . A method according to claim 15 in which said 
air interface includes a repeater satellite (4a, 4b). 

20 17. A method according to claim 15 in which said 

air interface includes a terrestrial radio link. 

18. A method according to any of claims 15 to 17 
in which a further stage of encryption is provided 
over the or each said air interface. 

25 19. A method according to claim 13, further 

comprising a step of storing said data. 


20. A method according to claim 19 in which said 
communications network comprises at least one computer 
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via which data may be transferred in the form of 
message files. 

21. A method of secure communication between two 
terminals (2a, 2b) comprising providing each terminal 
> with a terminal key (K a ,K b ) ; sending each terminal data 

relating to the other is terminal key; and carrying 
encrypted traffic from a first said terminal (2a) to 
a second (2b) in a cipher (K ab ) depending on both said 
terminal keys (K a , K b ) . 


10 22. A method according to claim 21, further 

comprising providing storage means (15) separate from 
said terminals (2a, 2b) storing data relating to said 
terminal keys, and in which the terminal keys are sent 
to each terminal from the storage means (15) . 

15 23 , A method according to claim 22 in which said 

keys (K a/ K b ) are sent in encoded form (Kp a ,Kp b ) . 

24. A method according to claim 23 comprising 
generating each said encoded form (Kp a ,Kp b ) as the 
product of the corresponding terminal key and a 

20 predetermined number (RAND) . 

25. A method of secure communication between two 
mobile terminals (2a, 2b) in a satellite communications 
system, comprising enciphering data at a first said 
terminal (2a) , carrying said data in enciphered form 

25 on the entire path through said network to said second 

terminal (2b) , and deciphering said data at said 
second terminal (2b) . 


26. A method of secure communication between two 
mobile terminals (2a, 2b) each of which is connected 
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via an air interface to a terrestrial transceiver 
station (6a, 6b), comprising applying first encryption 
between each terminal (2a, 2b) and the terrestrial 
transceiver station (6a, 6b), said first encryption 
5 being applied at said transceiver station (6) , and 

applying second encryption over the whole path through 
the network between said first and second terminals 
(2a, 2b) . 


27. Apparatus (15) for storing enciphering key 
10 data for enabling secure communications via a network 

between first and second terminals (2a, 2b) each 
storing corresponding first and second terminal keys 
(K a ,K b ), said apparatus comprising: 

a store (54) containing said terminal keys 
15 (K a ,K b , . . .) ; and 

means (56) for communicating with said network ; 
means (58) for sending a first said terminal key 
(K a ) to a second said terminal (2 b ) and a second said 
terminal key (K b ) to a first said terminal (K a ) , to 
20 enable end-to-end enciphered communications between 

said terminals (2a, 2b) . 


28. Apparatus (15) according to claim 27 further 
comprising means (58) for masking each said terminal 
key (K a ,K b ...) prior to sending thereof. 

25 29. Signal routing apparatus (6a, 6b) for routing 

signals from a first terminal (2a) to a second 
terminal (2b) via a communications network, said 
routing apparatus comprising: 

means (72) for receiving a signal indicating a 
3 0 requesting for end-to-end encrypted communications 

between said first and second terminals (2a, 2b); 

means (74) for indicating said request to a 
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further station (15) holding encryption key data; 

means (76) for receiving said enciphering data 
from said further station (15) ; and 

means for forwarding said enciphering data to a 
5 said mobile terminal (2a) . 


30. A first terminal (2a) for communicating, via 
a communications network, with a second terminal (2b) , 
said first terminal comprising: 

a store (35b) containing a terminal key (K a ) for 
10 said first terminal; 

a receiver port (31,32) coupled to said 
communications network; 

a processor device (35a) coupled to said receiver 
port to receive therefrom data (K^) relating to a 
15 terminal key <K b ) held at said second terminal (2b) ; 

a key generator (35a) arranged to calculate from 
said data (Kp b ) and said terminal key of (KJ said 
first terminal an enciphering key (K a , b ) depending on 
both said terminal keys; and 
20 enciphering/deciphering apparatus (37) arranged 

to encipher and/or decipher data transmitted from 
and/or received at said terminal (2a) in accordance 
with said enciphering key (K a#b ) . 

31. Apparatus according to claim 3 0 in which 
25 said store (35b) and said processor device (35a) are 

provided within a secure device (35) which cannot be 
read from an external device. 


32. Apparatus according to claim 31, in which 
said secure device (35) comprises a removable and 
30 insertable module (35) . 


33. Apparatus according to any of claims 30 to 
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32 which further comprises air interface components 
(31,32) for communicating via an air interface with 
said network. 

34. Apparatus according to claim 34 , in which 
5 said air interface components (31,32) are for 

communicating with a satellite (4a, 4b). 

35. Secure data storage apparatus (35) 
comprising a store (3 5b) for storing terminal key data 
(K a ) and a processor (35a) for receiving further 

10 terminal key data (Kp b ) and for combing said further 

terminal key data (Kp b ) with said stored terminal key 
data (K a ) and for generating, responsive thereto, a 
combined encryption key (K ab ) . 
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2. &=? (RAND) *&&tZ>XTvZfZWlZ<£fr^ v^ + >^(MaiilWIB 

st^ t x ^ftr 5 naE&^aa t oa-siaa? *$ct^*i®tr5 b$js 1 e 

3. mi fcS2a>Hatt#fftraoR3W*&£*£fcft»«*T*B#a2E 

5 . e&^-fb £ e#-r ss#f» ft ®ft r « * -y y * wic-s c z t ft t r 

6. mittTzm&r z *T 7tmtmmn^^fc&vTmtz%mm¥ < 

RAND) StJ&t57T7^^4'53i: S#»fcT*H#0>ttBIB2 Jgi;:i& 

7. mEaTftmt&rs^^-yy^snfeiaawcfflnBa^s^r^^^-yy 

j&»e>fr3Cfcft*§»fcT*B#E2 , *£U:CftcajtflLfcB#iI3 *>&B:£* 

6 (?) I s ft *» (c E«C075i£ o 

8. U0E*ft^-r-y^Ol»ClKrE»1 t^2(DS^» (Kpa, Kpb) C0'># < 

7tf>^r"ft3&»tcE*w^acc 

1 7. 95SBX7'<>^-7x-^* f tfe±^ l J>^^^tCt ft<ft&£f£B 
#ig 1 5 tBttCO^o 

i:t»fitt«ll*«1 5*6B*Ji1 7(0t^ft3tP(cE«O^o 

1 9. ttEy-£ftEttT**xy7ftMtc^t;;:fcftte«£T*a#Sh 3 
Etto^ifeo 

2 0. ttE&lfiai&a^ ^ti^LTf-** * -vfe-v- 7 7 -r JK&JKa 
T'^T'$$'>4<tt»1 oc03>fcfi-*ftait.>!:fcft4«i:T*a#ai 9 
Ett^S, 

2 1. 2^0S6^*S (2 a, 2 b) C7)|B]C0-fe* n. afg<D^2EC*s^T\ 
*ft?ftCD3g;fc*g (2 a, 2 b) iZ^mm (Ka, Kb) *twen^T77"t 

, * ft -r ft (oasic«cflboa5i5«tc B-r 4 - * t * s &3feaa ft asm* * * t- 

7 7*t, ffirEft^<Z>a£&a (Ka, Kb) C&oT, $g 1 (OtilB&ftS (2 a) 
*»&«2«S«5|t« (2 b) (CBS* (Kab) T'B&^-fb £ ft fcSftftaaST 2> *x -y 

22. m5»5fcaacHT*?-*ftE«T*aE«3fMSi (2a, 2b) *>e> 

BftfcEW^S (1 5) ft ttfctc, sH^aa^Ett^ (1 5) 

*&&SB5fe«i^fs$ftSitft»ae:r*»3cfli2 i e«o^ 0 

2 3. ffTEa (Ka, Kb) KfbSftfcJBSfc (Kpa, Kpb) T'^ffSftS 

Zfc ft 4$« 2 2Ett0^3Eo 

24. «fl3&»<03- K-fbd ftfcJBsfc (Kpa, Kpb) ft&fST £S8*«8a fcffr 
£a (RAND) GQttfc UTMt«Ct*!|$ai:T5B*S2 3tB«0^o 
2 5. «fla«i/^T-A?2-PW^»»:j*5S« <2 a, 2 b ) B<0-fe + i 'J t- 

-ra«ftfT9^ic43tvT, aEai&£& (2 a) Tf-^sB^tts^r 
7 7*t, wet- * ftm#<b $ ft tzB#,T'mmmm<r>±&t&vmm 2 «ma 
(2 b) ^tasT**?*;^ ttE7*-*ftmEa2»$« (2 b) ?*# 

26. ^ft-fftjtfXT 7 * >5r-7i-^Ttfe_t h7>*>-/^ (6 a , 6 b) 
lCjg&$T^*2 0(7)#tM*$S*a (2 a, 2 b) SIT* *i 'J 5^ < iftffft fr 9 


1 1 -5 1 0 6 6 8 

9. mm* ta2<Da<o-tft^ft« f »<c5»#T f fl&#{b$ftsctft«at 

rS»*9(8Ett07ja« 

1 o. iraEai tg2wao^nfn^iBgi £a2<*>aft»^ba£ ur 
ffl^ fc tTJi d- ^ATB&tjt s ft*ctft«atr« b*ji 9 e« 

1 i. u?m^f7 7 , omi;, ra^aaoaaft^uTaEasfca (2 a, 

2 b) <0'><r< t^-^ftgsKrs^^-yrftStc^cct ft«atr*B*3ji 

1 #6B#JB1 0<7)^-fft^(CE«<7)77iio 

1 2. !WES^atHa^07'^-t!^ft* ft^ayiflcSftfcP^-vg > (1 
5) T'»«r«^7-yrft!5ir*t;Ctft4*ai:T5a^1 *»e.B*^1 1<7) 

^-f ftancEtto^ato 

1 3. aHEItt«ft«T2o<oa5|5« (2 a, 2 b) SiTiiftT^aElCfeL* 

T, 

aa^a * t> a teien ^utii t^2 oa^a icet#iba-r - * ft e# 

MEa^ba^-^ftfflt^raEa^a (2 a, 2 b) <7>*ft-rftTa»<ba 
(Kab) ftaiai-rs^^-yrt, 

mrEaia^a (2 a) -rmiBa^t* ftfcx-**ffifrr*;*-?-?rt, 
m«aa«Eitt« * ^ u nwE»#<b s ft >t ^ ; - * ft &frr s ^ ^ y ^ t , 

BfB%2»$« (2 b) TmmWtSfttzr-'-ZZ&mT&XTy-rts 

mmmt $ ft tz r - 5r $ B&^suEr 5^f77L *»5<r«^tft»atT 

1 4. (2a, 2b) (0'>4<tt.-^tt^7*SCi:S«att 

i 5. tfci ■ooa*«^^atte»* r i7'<>5'-7i-^ft«'t'c. 

t*«att4B*51 3, *>tU:B*ai 4i:i3tt(Om 

16. Biei7<>?-7i-XA f 4'««fi(4a, 4b) ft*t?itft«« 


^aitz^^T, &S6^*g (2 a, 2 b) tajih7>*>-/<» (6 a, 6b) t 

oBrtftftfTiv we«i wa#<bttaEh j 7>->-/<s (6) tcr 
^n§^f 77*i:, mregi ts2<D»*« (2 a, 2 b) <Disi<D®&mzu 
fz±&&icmvTm2<nm*kitzftoZT'yzft. frb&zztz&WitTz-B 

2 7. aaia&jHft&T. ^ftfft^flsr^ai t»2oa*«a (Ka, 

Kb) ftEttLT^sai t»2(Z)a*« (2 a, 2 b) ^(BlO-b + ^'Jx-rJft 

mftW^t-T5ttoe&^baT- t -^ftEt8T*^a (is) *>^r, 
ntsa^aa (Ka, Kb, . . > ft^c?E«aa (5 4) 
aEBiaa^aard^a (5 6) t, 

mieaia^aa (Ka) «aEa2*£a (2 b) tcaau. aEB2«^ 
^a (Kb) zmmimxm (Ka) c^ftor, aEama (2a, 2b) r=i 
a>a^an«#aaftRra(cr9^a (5 8) £ft«*T«/££ft*c:*ft*$& 
tT*^a 0 

2 8. asa^aa (Ka, Kb, . . > ftsftr*ai=-t ft-rft^a^aaft 

77#>7 r t5/:«>Of® (5 8) &W.lzm*.fzZt t»«tT*B*5l2 7 IB 

aaaa (is), 

2 9, aaaaa«ara-i-a%a (2 a) «>&a2ai9tca (2 b) ^com# 
aaftafirsffi^aaaffiaa (6 a, 6 b) tc^^r, 
aiBBi tm2om^m (2 a, 2 b) n«)*$ttnmii«)s«t^tffi 

%ftSfir5¥© (7 2) 

ttEB*fttt#ifcar f -*ft«#r*!5iJ<0S (1 5) lc*?Tfc»(0*a (7 4 

) <b, 

aE»«i<os (i 5) A»60mEa#^-5fte«r5t»^© (7 6) t 

mm^it?-'p*mmmt*%&® (2 a) cass/tfto^at* 
fta* Tm& ztifzzt ft^ffii: r 

30. aaaaaft^ura2a^a (2 b) taara/tAwmia^a < 

2 a) (C-fc^T, 


i^EttSMI (3 5 b) 

mmim&mti&'£$titc%im*-h ok 32) 
fflrE6fi«#- HfciS'&sn, ^rosfisi*- h#>5iroE&2&£a (2 b) 
(c«s?nfci*«a (Kb) tcwrsx-* (K P b) ^sff-rsyn-tzy-y-^ 

I (35a) 

WK5H^eoa5fc«a(c^oT. ttESl S&^COMEt- 1 -? (Kpb) *<fcim 

E&£aa (Ka) #e.a&34ba (Ka.b) £tf-*-r*j:?ti«&*nfca3££8 

(3 5a) 

S9IBe&^ta (Ka.b) lCfi^TWESS5fc« (2 a) ;*£>&ff £tU *><fctM 

mf&ztiitwMb/m^mmw. (37) 

3 1. MEEa&B (3 5 b) tWErnt-ytKl (3 5 a) 4: £?MS&K 

A^stittairct^TSSv-^-b+iy^-f »s 05) rticaAfects^at 

T5»t«3 OEtKO^So 

3 2. B9l3t + j'Jf-f8I (3 5) *TO»mU*TS6, 

-JU (3 5) *6 4*Ct*W«4:rStt*«3 1 Ett£>8iE<, 

3 3. >4»-7x-^€^UTWEEItt«4:afST*>S:»<0lT-r>^ 

-:7x-*«s ok 32) zmcffiTifzz t *»«tr*»*JS3 o#e>n 

3 4. ^170^-71-785 OK 3 2) #«fi (4a, 4b) t 

(v&mm os& r * * i t * »a t r * a* * 3 4 t3*o»jt o 

3 5. t + a'Jf-f -T-'-^EttM (3 5) C*^T\ l^af-^ (K 
a) £E«f *fc»<Z>Ett»11 (3 5 b) MC^asMa^-* (Kpb) 

£S«b. *»oiwE!e(zgijros»*«a^-^ (Kpb) tiwiBiB«s ntz^mm 

(Ka) ttfi^l/, ^tl(CflS»UTa^S*lfe«^ba (Kab) 
t57"Pt7D- (3 5 a) 4:5«ilT«gt$nfc^4:£^tr5-ti + i l J7 L 'f 

-b - v * mmt& «t tfWHMf ttT « t-r>3>(fi:ffiffl*ft5 »#a ( K c) 

k^>v-/^s (bts) €isTioA#fio«tt^a*«icjai5 

€ffl^Ttt#aKc*tt»-r*,» 

aaiiaaTaSfi****. ««aKi&£iM*»*aKcu:a8 

■P^->a>- U'y^J (HLR) t ? - ^^'-^tcjg £> ft, MtCSfcfcffl+O 

T*fcAlZ % aSOTOMA7l/-A#tttfei:i»taKc^Stl«o ^ 
OJ:?C, fl^Wa- !f-a Kil±ISIE-b>£--fc<fcU*S I M ttlCEW £ ft T 
*CTBg#aKc#'I+*£tl, BTS*i«tt«Bi*4i5fe«CJS&n*o 

c. <07j s£ w: ^ < cd$i® t i* t * £ t» co co , aa&ft@& %mmrzm^<r> 
o t , tta^n b e * u /t ft * ^ a * a#tr * « 

tt * tt tc It T ti 4 < aft^K^ £ l£ T 1 O <7> jl - If - »5fc« # & (feCO 


1 1 -5 1 0 6 6 8 

iz * a 'J x -f iftff 
iz * 1 J ^ -< ififf C073 3r £ 3£8 tcB8 T 5 o 

M*HB>^fi*, (ffHitd'KW^PFtfaaso 3 6 5 8 8 s^tcgea^nr^ 

5) -f^yOA (MO MIz^t-v^A, <ffllx.tf3SSItettaiH£2 2 9 
5 2 9 6fi:iHtt?nti^) ICO (Sift) ffilt^7-v^fA, ( 

ffyxtfaiW^ftFtiiaao 51078 9#ize«? nr^^> ^f-yt-r- osa) 

t C <t o T Pf t±i L S £ ti 5 fe^ A f « ^ o 

G SMv^^AtCttffiiLtfK-r 77>7 - T^UaA^i^Jftfl^ 

A'SfllfTS *ITL^$ 1 98 8#1 0^1 2-1 4 BCD^-f v^VU^t:^^-^ 

a»lt#a (dcrc) owa»<7>«4 aStcjRfusnrt^i^-^-c. j. 

UTECOG SMa3S»*(CEtt3 tiT^*o 
GSM0 2. 0 9 r-b + jL "J-^-f COffiSSJ ;GSM03. 20 r-b^zL 1 ;-^^ 

cnsar^aaaa^j ;gsmo3. 21 r-b^^y^-f (caars7'jnfy 

X'AJ 

•rcO,*9&735ST*li, ISSE-b>^- (AuC) t 6> nTu5f-SA'- 

7A f ISK^-b'7^^PA#ffi^^C09&#a#^ (Ki) *«#ut**;, z 

coas#tiiPA^^to^^(c^t#^nr^sm#«s^>i-ju (s i 
(cT^-b^T'^-r. asaaisitttTs&t^ 

t4i'Jr< • t7y 3 >m^ti5t, aa (RAND) #'|gK-b>£- 
#flSH*aSSSa t T li 4 ^B&#^a * W t T 1 > 5 <7> t v ^Si Ttf-f 

*a^tr 5 «& ca^-fba t ffiffl t^-^ # s ^\ «4<b&na ^^ffl t 

TB&#<b Jtlfcf-* COB&^ * SfS#>£ It tfmtdt? %>C £ ifT't* %> 0 

iiffi r 5 Kite, s 4? <7) — tf - t?ft^ izft u T»-^»tt a rows s^o^ffBg 
JiMta «asflr r «a« ^7 a tJtgjET 5 - 1 1> t * * ? e 

l^u. aft®aarc<Dj:94a«tfijffl-rscttej:oT, iricoe^co^i 
mkhtn< mm <»&it z m±^nm u r 3gp# * /c u t a v * h *"jifi -e # * 
met* s c t r * ^#±cora/6 ^ is * r> r t ^ 0 

^or. **«(0«HTttao3e-*«fr-r* "ft«T#*a=# w 9--$ 
^ s a« u . *o ^ n ^ n(o»5S«cffe«»5i£«oa(cHar saf- ^ * 

s coa t , tt(oa^acnsc Lt©f$n fca^- ^ t ca^ttcfe 

<ga?Pi-T*;fc*> ttfctc&amaat&ars^^sfflUTi^o-e, 
roasfeatflb^aimatoattta-p***.^. ssas**^ 2 ooatawau 

*K (^itti'G SMv^T 1 A(7) < i:-7^-bJU : 7-v^5 L A(Z*itt$«i:9 4) » 

fflt** 0 *«wiiE-^-^*>ttt-f >*-*v ^w«t 9«ra«« xaait *> 

(CEtt$tiTt^o 


-3- 


0 i t nas u /cstt -> * ^ a & static ^ ut^n 7 ^ «/£0 

7A5o 

Ei 3 ami <r>fmoM&o—&&Mmtzi&±.ms- vommzmmxHz^v 

1214 (10 1 0>Hitff>H2£<O— SSMtsy- ht7x<©CO^S^«U^6tlC^ 
U:7P y ?«/&0T'&£o 
0 5 (10 1 <0SttO^«W— ffl*ffJJfirs?-'-^^-^H«)S3(lt«USW(w^ 

Ei 6 n 0 5 <n ? - $ ^- * a o -a £ JKjffi r 5 g * ^ u t m r $> z> <, 

El 7 a 11® 1 OH»<0JK«O«St-J:oT»«t$n4t'-AS«W5fitIt-*Ufc 
0T*&3o 

El 7 bllttJ*<DHU<&«lBrtc::<fc*, El <&-ffi*»2$T$M<»Ea*W& 

EI8tl**WW«1 COKJtCO^SO, 02CO/\>Kizy hOM&PSRqofH- 
<om ft £ ^ t £ffi/3c0 T & 5 0 
0 9H1f£l<7>3IS5<7)JJ^C7), Ell (c^Ufc«l£K£rawtt#<bx-*£ff#£ 

Ell 0 a (1$ 1 CDHJSCOfJ2«s0X ®8(Cg*Lfc^> K-fe-y hO!B»fcJ:U f B&^ 

fb©ttWti!*c <t rue? s n * * ;* fcttasauic^ u izXLfimr & $ 0 
eii o c umi tozmmmo, m^^^-^^-^m^nztn^^^ 

«BSfltltC^Lfc*atnE!T**o 

eii o diisi (Dmmmmo), m s <r>/\> K-b-y hrtc<s*#£ft£jfjnA#« 


0 b £ , @j£»fM3fc« 1 2 a * 12bt*>5«)SdftTu5o 

Ifiy^fA-y-h^i'fSa, 8 b tiftlS^ - K6 a, 6 b £<7>t£&, 
fcJiUV-Kea, 6b(DffiIgi^j7^Wttft^JH 4 a, 14b43«fctM 
4 c *»6«r*#fflrott±@tt«T*«o «M4 , »±»y- K6*<ta7-f>1 

V- h-7x-f^8^UT7^tXpI^T'*5 0 
a*«Br«T f -^^'-^»1 5(1 <0SJLtf*ffilB]»«0>* + *;M 4 rtO) ft 

P S T N 1 0 a , 10b 11— ftKJUtlSSr^iU-^ 1 8a, 1 8 b t^U7I 
£SS*1812a, 1 2 b*JM3ftT^*BSfrrt3««1 6 a. 16b£, (ffll 

?2 1 fc^LTffi£CJ8«pFIIB4BIS2ifc-b>*-2 0 a, 2 Obt^bifiSc? 
nri*«. P S T N 1 0 a , 10b £B£»£tt 12a, 12b (fflUtfttBtt 

**<omm*$S5|£«ii (cosKw^erti) , wai* <*n-r non^iz^ 

UT) 3SB*#a*ifi02 2 8 8 9 1 3#*iO ! 3IB!»#»ai««2 2 9 3 7 2 5#tc 

<MM*»5*2> 

02£#BSTS£, Ell ^»#a*«^$tiTv,^ 0 

JBWfrff^OI -?(10^<Dcfc?#M> K-b-y hT'*S<» n> K-b-y h2 a , 2 
b ^O»IBIU:*affl(0-« *««r.-5 fe<0 Til <C < , &*?f2C0^ -f 7D7+>3 
6t, xe-* 34t, A-yf'J 4 0 £, *-/Ty KfiB 3 8 £*fi5ifti::*Ufc 

m&m&n <r f) 0^-71-^3 2 t?>rt3 1 tttc, 5;*^ 

St>0>£Htft0>/\> K-b-y hT<£i\> ifiSlCH (i^^SfV ^7*KW«I: 9 


1 1 -5 1 0 6 6 8 

«?y'a-^ (S I M) W»f^yPi!^6«ttet»(w^U/ianEIT**o 

Ei1 1 a 110 8 OS 1 m> K-b-y *a&#<ba<Dm&BB$;F U * 

017*4, 

01 1 btlS2^> K-fe y hT*<oe&^b«OJfM7*n-b*£^L£&&?50 
01 2tt*#WlW®3a>jlSS<0J^«O. 01 0 c<Bttft$«IEl,/!:-2fcft0?* 

So 

01 3 bli£j3CO|g&&CDJJ;Mgc7X (211 0 d<DttftfcttiELfc)fc*l0?A* 8 

0 1 4 U#5£HB<Z>fg 4 WHfiSCO^ST' t>fc&Sn5t^yfY O&tfi £088 

015 a tl*ft^(0jg 4 0ni&Of&1BtC&-3 < . 0 8<7)M> Kt -y h(Ci»iL6 

01 5 b(lS4O||^<7)0SO^-^^-^SrtC(i^6n/c*SggS? : FtO^-O 
01 5 c (tlf! 4 ©S?Jt^!goa±Srt(:f ?t 6 nfc«m*^«o*' sws 

016 a {01 0 alCfflSStlfctt^TA*) (1, « 4 < 

016 b (01 0 btcffla**ifcS^7*S) 11, S4 0HS£<Off^(C^c5< 
lfti^(0ft^7'n -b * £«&ffiSft(C^ t feaE*i0T * 5 o 
016 c (01 0 c (CM&£ n^^^T'*5) U, »4<0**SO^«l(w»-3< 

01 6 d (01 0dcaJittitS^T'*5) H, S 4 OSIfi5<0Jf$l!g(C^^ < 

01 £#BBT5t, *iisfi<D^eic*^<«Maffi@i«ffl(i^Bfra.-if-» 

*m2 a , 2 b «l3t4'^*M4 a, 4 b «Si6±^y- K6 a , 6 b £ 
,«l->7,rA-y-h7i^8a, 8 b £ . £*$5H&M®&& 1 0 a . 1 


K (SIM) 3 5^§§t5 KIKU*S3 3t)fif^e>tl5 0 

n-Sf/T-'D-Sf (zi-^-y ^) 3 0(lBI*;iTiE3- KftSffoT§«>4. 8 
+ Pt' y K7)i£iSi«JSTii- Kfbt' y K^ h 'J-/»t4«T5f t • =!-£' 
TOi*)3. 6+Pt**y hT#Bt'-y h '>» -A S^T5<£t' v Hi&M 
JS=i-^t*»&«jac^nTt^5o «t*-y h{5a£ajjta-^(lWliLtt>M/^^^ 

(mplpc) , K7 •v?®mnm j ? ; mzi-# <celp) 

JS^B6fi8^^«3-^ (RE LP) Widfrm^iHs-^TJ:^* A4t^^^ 

SffiS n*Bi»JlTE3- Mb(C(l^Q-y • 3- h\ BCH=J-K, 'J-K— 
VPt >(Reed-Solomon) =1- K, - KS - K (convolutio 

nalcode) 5ffluTfc«ti^ HttlCD-^v ^ 3 0 11 (^fliL t^Viterbi . Tfcfc 
^V7 h^=l- K<b€fflt*fc) »ftfr4^ + *JU • f3-^tt^-^t 

Ii:ifl)C7*P^9AS nt7<7P7*Pt7t, 7i-7P3>hQ-7, 3: 
Jtttf<y^^flf7*Di!7if (DSP) ^y^6^4*gffl)I5]S3 7 (Cfili 
SHgi-tl3-^3 0 ttt"&SnTt»J:x^ ) t>«A&tlTt^ 0 

S IM3 5U, $7* U<(lGSMfft^»^0 2. 1 7 rfiPA#KS^ v i 
J *J:Uf1 1.11 lCig«!-t5fcOT'<fcoT, »* U < tlI#gH& T^^- 
- KJ t [sTmMZtiZo fitoTS I M 3 5 £ISIK^*g3 3 £11, if* U< UB 
KS^te ISO 7 8 1 0 , 7 8 1 1 *ilf7 8 1 5 tiTi^S J: 3 «T h<DV 

A4o Cti^COm, *lt/GSM0 2. 1 7 fcctt/ 1 1. 1 1 te±T*WmW 

tr##5:iK£ LTffiAne»nT^4o 

m^flDCd, S I M 3 5 tiyn-b -y-ltSSa tfrX** % ) <p e r m a n © n 
t memory) 3 5 b £ mfl^c ^Piz -y * 3 5 a H^C^T* <t 
A4«0B*^b«figtff^J:^(C««$nTl^o 

<t&±^y- K6> 
46±sy- K6 (i«S£amr « J: ^ C«ffi$ tiTi^o 


ttLt^y- K6(iE13C^r J:?C 4 '>ft < fct, 1 ^£0^14 £ii»T3 
,fc?i;:«j£$n£'>ft< tt»1 ~3CD<»Ei&&7 y >5^2 4 T>tT2 4 left 
#£J£££tf><7)R FyC7-«MS«2 6 a ts T>r-f2 A * SltT * 
#0RF/\*7-t#«SS§2 6bi:, *£MmS:T-'-*£E«U 7*>t-*-2 4<0 

M?ft«fl 4 <DMm Um^M. 2 8 £ & 6 ft *fi£3feJK<D«Si6±e 2 2 ^ e> 

&_tA y — K 6 lili: , lTffil5]^«<7)-S sj^«r * u > ? ef&& $nt 
0Siffl^'f7f 4 4 ^6ft$»»*£3Ett1z>^-4 2 £«xT^-5 0 

4 6i^ *-r -y*4 4 tifcp*aai,£efcu *ne>££f£fi*i 

(I^fiftLT. ffit'-y h^iSiS*<0»a— r-'-yf 5 0£^LTi*Mg&2 6 
(&tiJ:?i:«Jffi^Ti^, ife_t®y- K6(iy- K 6 *i £&ff 

t5M4o*- t'^0ttrtos-^Bi*a5K« 2 a <nt$m ft x - * t e«t * s 

HrrtE«»K4 8 tffliri'4 0 

<^r- h^i< 8> 
(3 4 >r - h0x<^8 a . 8 b 11. £ COH*5<7)ff$«§T It G S M 

^OrtJBSO^tt^«5-t:>5f- (MSC) *^fflfi£$nT^5 0 **l*tt, -7 s - 

tSJ:?[;B^T5PSTN 10 a, 1 0 bWI o fcJgj&TSSBESEttlSL *fc 

>r- h0i<S8tiPSTN 1 0A»6A«PSTN8t«8»»l7 2 WHftlT' 

4 <fc?iCW£eSn£;W y*7 0 ac«a.Tt**o ^17 2l*«-*8SM7 4 * 

sesaasntT-'-'S' • ***ji>6 o tafft seta* 

T'S, *»O&*«(0a«ft«lit (^jLlf/^'^SftttATMt^) T't- ! -£ • 

hOi-fS8i:li>r- hOx-f A8 Jtf*0>fc&iO*-A • hOx-fS 
T*S»»«=»5fi«2(3«T*tt3e, -9— t'^^J:^ (OK!!(0«*tl3t8r*E 

*B4>C0*&±B-/- K6CMUTEttSSa5 4 ^meof-^ * 

<ICD<£ 9 IC, :«S»Wfi?ttf-$^-^Sl 5 (*G SMv^fAW't- 
A * ny-'>3>* l/'>'^$ (H L R) G SMvXT-A<0g8ffi-fe>£- (A 
uC) <0P5^«fiBtfttrJ:^C»fftT*i*J. frOrfilSWG SMSISSfffl 

<*14 > 

3£*fiUlC«£4 a . 4 b(*£*0COfc j-XHS 6 0 1 fi<7> J: ? ftt£*Jf*<7)»ft 

3zmtmtem$£2 28891 3ti:i^snti^j:n 

£T£<fc9(C«/£<*ftTi5»K §*<0fc"-A(«il1ttfctilB*2 2 9 3 7 2 5# 
CB«$ti, 07 a eia^Ufc«t 9ft^j»OI*ftftffli6a^l'*^t*-f A • * 
□ ■y ht«*AT^5. 

fc#ft»0£ffirti::3^fttttt?fl5tl$tU f$Ul**1 OCT) (££tf*ftmjLCD> 
Mfcfflla.lfl2l7 btz^-t^^e 1 0,5 0 0*n*- (S 

thlS^O 3 6 5 8 8 5^. ^Aclimtf-f V A v^xAKMT* *<7>#CD*| 

nmzmTjk <* n r l * s «t 9 e . * nw±coacot««co«i * u r t» <t 1 *«» 

-3l«<DJFSBTli* HSO^»f*SS;fc«2 (* 2 0<7)J*ft *ttSO-77Tg$|tT* 
#5o -Tftb*, ^BteasttSflM ocOSBfTft^SMv^^ABfiifflW-S 

UTT't>atlT'£* M *ttfl«r «ST'*4o 

2 <7)#lg (Tftfc* "gpW *fct* ) 
»1 5 0>Ktt»S5 4(C{tS2^C«#dti9IBt>C8e«dti«. 
MM*3«5fe«2l*. *fl>&«^rft*3*»*«23fi( f ftIifffi(Cffiffl$*iAB» % 43 


1 1 —5 1 0 6 6 8 
tt&K7 6t)i»jtenn^o ^-^t*. pstnio, s&aar£isi!m£tt 

^cT5i&±©y- K6 *»6ft#»it7 4 *fctt*-f 7 f7 0 ^^LTgfl^ ti/c 
2(CJ:oTK«SSJI7 6(Z»a*n*« COE«^HUtfe_tG s 

isiai 4«4Ttti | j>7J!p^on^o ^aai 4 uftatcti^iiaT* 

5(7>T, @ai 4«0a«l O^CD^meU^-V^JKOSIJIScO-t y 

ua>u, diiii 0 ts^<5sis»t«fflurt>«t?ftt^ 
<-^-^^-^s 1 5 > 

■y*5 8 4:, f-^^-7|| 1 5 h ^ x -f A 8 £ 6 £ ICt&ttT *ft 

^afttfcttx-^ • ^-y-b-> ? a«s<oaffi*>^7 i A@a***«-r5ft#y 

E«»«5 4(l^TO*0A*»*«2«tc. (GatfSRSMMMilU* 

hssij^. rftft^ i ms i ) istiBfi^ a5fe«2«afto«©.(«(c»isrs 
^t^tc^n^ r^^rtj r*ttWj T*aao , (ffiiso^tt?, 

inn^ ^^is£ t ^^T *D-Kturro) ^Bf^am« 2 <o%««»fttt1I, 
> h <Di&<nr- * * asr- # § <t 9 o Rii^-f nc<t o 

Tfi»$*lTt^ r*-Aj h0x<A8, *U:tmW2# f -tncj:-3Tai 

£4 t^uraftrsssttB't'WiftjiSy- K6 £-£a,T'^* 0 E«^a<?)rt 

ft*»3l5 6t7*nt7*tliy- h^x< 8 K6*f 6 </^-y h 

««?lsm«tj:^) tt#%ftia%6 o tar. (^At/ae*S2cottg#^(7)ci: 
oft) ^B^a^«2«>i o^^-r-s^-^^eft^i^i/isit^-^ * * v-t 

^-f -y^ • ^>CO^(7)(SJtCSS8aiJtZ-tz J FU5-«fe±iftmO^T ! ^T**SiB 

a»ya-b'^**frr*o &m<»£tsi). fi»yn-b^l± (0y^tfUB##^ * 

awtfmw. fct<(ift#aftH>saT*i^fi-rsctej:^T) ^Bf^a^« 
2 **#*r*ft#affioff^*t*o 
a£ft stifctMiii ojy±co*M4icj:oTe*y<77 7 yy$n5o a«<o«>a 

T'U. «-^tta»<0*fi4U:j:oTe-y^7'-yrStl. ©ft * n/cif #5SS*i«t 
a»B9I«3» f ©B*3!B5S«2 t«#*smr*«£4a>»»ij«t4:t> 
(C. M4 j9 r aftLTt^0)«b±»-/-K (*tt*fcttaa> 645<*:a*ff^a6 

T-$^'-^1 SCOrn-fey+f-B 8ttffliltl^!l»B#IBIffitC^i;T^B*a* 

♦S2cot6_b©a^s+jrur. iottau^-^^'-^s 4rt*cE«*n*« #b 
a*«2ta«r3.oe«aft«jis^-K6 ( "ggBA" > ommzbtm* 
ti5 0 ctiti-ffiic, i3»*nfca*«2«)eiitE«*nfc&^«)«6±»y- 

K6<OBr3£ftHt€Jt(Sl/, »t»i£t^ataiRr 5 7*Pt y * 5 8tCtoT^ 
U*'L, $>Z\,Ht*<Dttt>>}lZ^ «£4 ^^LTSft^ tiAft 

7<xDii^ti, &tj}#-&i£m 2 etftaegtc $ « (±ftv,vtft±Ay - k ta 
twtB«aa5 4rtT , -eoa*«ffloiB«ciB**n*o 

^B^as^tg 2 ^co, $ ^ «^B<*a6^«^ e> <nwth L^asti^ y □ * ^ i* 
, 5S7jtti*wa»tc^u:fflAne.nTt^3is»Ruiaffi2 295296-% 

Sfcl*PCT/3e@&BH&9 5 0 1 0 8 7 ^(CfffflCEtt* nti^ e RK«(=K 
tSSSrSt, *0>fcttP¥HJU$4MUftc\, ±E«)3IH*«ty r HIBaiacE 
iTBIS&ft^aAgiaffi (PSTN) ^T*l'J>7^l,Tft*^-h 


1 •D«»5fe«<0i— tf- 1 gi|<7)S»5R«(0 J.— »f- 1 0>lfiJ(DP¥*J U tiff m 1 
&-f L t> -f 9 ViS- & < T t> <fc t>> Iff 2 <7)^B^^««> J.-- tf-(0(S6B*fi±R^ 

(2)8 »0 2(O^B»*«O* : ?t«^fi#<O/lftnt J:*J»fflC^UTv,^o 
>79""3 1 Jtre.gf&*-ftfcfMl*R F^fA3 2IUdTR FfflW* tu HfHTMb 

xu sffluTgft 7-2 £ isirr* * 9 i^sn^yat-; 3 7 tcs 

6ti« 0 B&#«KaiiKa.bi:^t±'neo 

KttSftfckf -y K7 hg-Ati^lc^-r*^D— 5^7 7 3 0 blC&e>ft. ^ 
^UHIEt-^- KtfT^. tt'JlTjESnfcWiafM^T-'-r v 2 ^/7*7n 
Jftgfc^fctfy M£&M^fB;^3-7y? 3 0 a IC#U&3*U *<Tj7'7a7"& 

n*o si*miE$nfct"-> 1-7 hv-Aim^it*- kc a ii*iciHa 

SB 3 7 ICJ^TWHHbStU Bl^b$n/ct*7 1-7 K'J-A(47 7 >7 t ^-3 1 A* 

t> ism' 5'n«*7(;ft K ^ 3 2 icis 6> n * o 
^f77"i 2 1 ot\ ^f-^^'-^si 5 t*ff ttfemsm 6 0 £ . *ii 

fno»±B6 b*s«fcU*6 a $14 b t 4 a £ £*£TSg 1 i&7*a (Kpa) £ 
£2»5fe«2 blC2£1iU ^2S^« (Kpb) £ $ 1 »£#t 2 a (CJSfg T 

£ CDJgfllT* , 11 * 0»£ttafi£L£j- RANDt <»mmzO R ;*HtZ J: o TBEC 
"77^>7"JU" Stiti^, &T>a<7>1 o$ttST*&BW(0iM#U:2o<D 

*$p*ii*£ . r«rft*aaRANDt »£tta t ic it® -r * <tj ? * n a* e 58-*tga 

0 b £#t8-f ^f77*1 1 0 6 T*£*fe±Rti©7}a£Sft U 
. 77y7*1 1 0 8T'CtiS^a^i:^$c 

Ell 0 a £#H§-rSfc, ^777*1 0 0 4 ?&*(0&Btti*5l5«tt*tt5T*S 
#a£SfIT5o ^77*1 0 06T\ S^atl*- KKBKU«3 3 £^LTS 

1 M3 StCj&ff Sft£o 

ilOd ^#P§tSt, ^f77'1 3 0 2T\ SI Ml*tt#«£fi1ll/. 7.7 
•;7"1 3 0 4 T'S t Mtt^'J 3 5 brt**6sS*«afcttttJT« ^T7/1 3 0 
6t\ S IM7nt7lf3 5 attSlfl/fcai^atlBtt* tiTL^sai3|Q«atr 
fcf-y h73^O^iifefiU0R)Wf^fi9CttCj:oT^<ba^S+*UT. Sfffcfc 1 

2 8 fcf-y hO/Wt'JjS*ftlSr5o ^T7 7'1 3 0 8T\ S I M 3 5 li*<"D<|: 
9trUTtt*£ft£ (Ka, Kb£Prli"*t£> »^b«* *- KttBIU« 3 3 €g 

£l*B:$tt2 a(::&&ftfcgfta^&2tt$tt2 b£Oa^*S»Kbta^RA 
NDt<0^ffeMORHa<0fl (Kpb=Kb+R AND) T A S d t ^ fflfi S tlJ: 
9o C(DJ:9lC. 0 alC^TJ^tC, Xf77*1 30 6?, d£>S#&Kpb 

t sg^aa k a £ <Dm\m o r itwoflt t u ritw $ n feas^ba t* k ab= k b+ 

R AN D + KaTA5 0 

E]1 0 b(C^-r<fc9U:«2aa5l5«2 b-Pti. ItK^ nfctt#4baKab 
UflS^aKpafc^lSaKbtW^ttflllOR-aWKDWP&Sc »L^Jftx*t. K 


1 1 -5 1 0 6 6 8 

09, 1 0*3<fcUM 1 *#^L,T> Jft«WH&#<b*-K*m«-r*7n-tz;*$ 
2OC0J-- -tf-a^*S2 at2 blBwaft-b-y *>a -Tj* t &m7j<r> 

^#BST*i:, ^f-;7*1 0 0 2TP¥tiiLfB[l(i*-**- K3 8C<t5#- • X h 
l/T«S»*n, ^oT7'Pt7t3 7inf 7 7'l 0 0 2 TW«rt$ft; 

ttHarstflflP^+^^TWBs^btcH^^ft^tiSftrsc 

@1 0 b £#B3-t-5£:, tfel^6T, ^f77"1 1 0 2 Ttt^-f /<v-B^ 
ff^* f Sff$n, ^f;7"1 1 04Tff-^{J 2 8*^:1/2 b(0»»q€* 

^TttJjy^- Kttt>(C) ^f'-^^-^Sl 5C, $ fcS2<Z>:i-1f-SB5fe 

1 0 0 2 -ptr^ft^o 
@1 0 c ^#pa-r^i;, 7777*1 2 0 2 tC4o^^T 7"7 -f /<v-fS ^3tf r «t»*'T f 

7777*1 2 0 4 T\ 7-^a'-7S 1 5<0=i>hP- : 75 8* i '^^ l J5 4lC 
77t^L, «1 ^Bf*a*«2 afflCI3«*ti/i«>*(0tt#<baKai:. i2 

^Bf*a^«g2 b^tcfBi«$nfcaKbt^Kfcti-r 0 

7x77*1 2 0 6T\ 3>hD-75 8 li*Sf&&8 (RAND) ^^fiScTSo 
CCOSSJS^STW, aKatKbtti-fti^ni 2 8t'7 ht&/<-f 7'J&Tft 
*K SL3SR AND ti!?iJco 1 2 8 fc'-y h • A'<tija?*5 0 
777 71 2 0 8 3>hn-758ti^1 t^2<0Sf>aKpai: Kpbt £ 

hwifiitsti, ^ost*7 KHg2»5(K«aKb(o^f5OTrt<7)t**y hta 

aRAN0tO»ffi«JORHa7*So ^7i:» «2S»aKpbttKb+R 

ANDtc^ui^ (ffiUx +tt/w^yaro8M6tt0R*;**$^T> „ 

SI ®7>aKpa«EI1 0blC^T<t9iC ^ 1 SS^aKataSStR AN D £ 

ab= Ka+ RAN D + KbT'$>Z>o 

010 a Zmxf&mT%£. 77771 0 0 8Ti*«^Dl!'y*3 7 lifig^ 
4baKab«eftU. 7777*1 0 1 0T'a^37(i^fb^-K(Z-W*J»t>5 
o 77 7 7*1 0 1 2 tC^TJ: 9tC 7*13 -ti 7 IT 3 7 t± R F -£H*5<£ 

fKDBtC-a-T-'V? 3 0 *>e><7)fc'7 1-7 h'J-A^B&#fbU, ^ORFtfAS 
2*S0)jfc*J5rst*-y K7 MJ-At3-f 7 73 0 IC^^nSgJtCftfiSr 56i 

H&^bT^^'JXAlJftS^JgSCOTJbZf'JXAT'J: < , (S&^bagf**^ 

/\>Kt7K'ffl^6ti, 1fti£C0f£^»JM ic SBt2 n T t ^5 A 5 Bf^ bT J u rf U 
XATftJ-lt^ffiWPA'So- cnt±Ui:A,i:COG SM/O Kiz-y h(Cf5tcrtK 

C(7)J:9(*:, RJijT * t!H9t-:^rj: 9C CCOHSS^STti^^ 2 tl 
3g^. 43<tU r 4'^7-^^'-7R1 5rtl":«ii.6^/cS I M 3 5 f^lCIBW? tl 

isaa r « 4 a^«a ^in^o tfflsns ba t* <D%&zm 

a«)HftT**5o 7-^a'-7B 1 5(i-73Oa^«2(C<i}37703S^«l<Da!i-*«l 

a^E7>T5o 

3e^sativ7^>v r $H/c*f^r'E7j$n5 0 x<7)nss<off$isi-:ti 175-77 

+ >^tiaatcomft6lJOR;J k ilt(r;*f^€iiUT^5 0 frt>n 

r * co» g <o^3t^tfia ^7+>^-?n & #0> ja^flia t r * ( c <fc ^ s 
»*«Ta^**«a<oH-©HaT* * as^t * n &ai^«a t ^rsr s « 

^«atv7+>v r $n/c^T^ff-r$c:<t:tc<t:oT. awt^^fn* 
<7)^i»a^oT <7 -b 7#f&£*s -*> ^ t «f|»ih ?n5o (m^ tf ssfeiaawjg^ 


-6- 


mtfi&yj<D*&3imiz&m$fttzm#mzM< z *ns#ro»5ic«a$ 
Mot, aa£«mi/>ifc, jSftsnfca^a^&^amtta^KttT*^ 

9lCE) 1 0 c <T>Xt>-j?\ 2 0 4 A 1 1» 1 2 1 0Of€#3UlC^T"y y 1 4 0 4 ^6 
1 4 2 0 £T*#*3S*T;*ft£/k£B$^Ttimi <D£K00»i:«t*Hl*i::»ftT* 

HoT, ^f7^1 2 0 2(1)11, 8 li ftT'^T- *y ~f 1 4 0 4 T'l 

lSSB*«aKa(-T^-b^U, >£c: Uf-yyi 2 0 6 IcBfl U TS5i£ 9 K 
) 7f 7 7l 4 0 6T&&£ft#U #C Uf'^l 2 0 8 ICR) L Tfitfiili U 
*9i=) ^7-^1 4 0 8THS^HtIU fclC Ur-^l 2 1 0 (CM 

auTa5atLfc«t7(3) ^t^i 4 1 0 t-n u^nzmttZo 

, m2s#a£i+*u uf^n 4 16). mz&imz&mis uf-;^i 

4 18). ^•Pfg2ffi^at«2a*«at*>H*r* Ur-yn 420). 

concur. i<7)R*so0JET f tt2-p<»ai»ai:a5i5«a^oT^-b^(i 

2oco^^a43*ti>* (Jtii) aumaa^roT^-b^tifft^a-pti^ftT* 
40ttwe7»5?. mif, 2o<7)ai^«a€Me<ii=»»5njfcttincjsift 
l . >x caa 5 * ^ T»3K«a caisr * • 

m $ n -5 <t y «t5*tt^t7' jwj^^i^ci: trsimz- &*>o<, «« tc. 

^t^^5 s^at' t± 4- < mm $ n /css^aa * m&m^itt $ c 1 *> mi 
T*^?o ^ncioT, sfisntas^aa^s i M3 5rtT«tt»tt$n5 

(7)7, &tA,£<DttMT<£ i )&^L"<)V<ni>*3. i )T-i tftobtl*?,, LfrL, 
<S4<0*M«JIS»> 

SSH (^f7^2 0 0 2). I7-f>^-7i-7B|tifc Uf7^2 0 0 4) 

, i^ne§^t Uf7^2 006) t*&£o 

(HI 5 a £#fB-f ^>Kt7h*yPt7t37tS I M3 5 £IZ£~? 

16. %\m<r>-?4 7U7niz y VZfc it T-i v£^fl# ZfUizy V (DSP) tC«t 
■oTSfTTSCfcti?**^ COUfc^ST'li, j|IBlCt*±15(7>yn-b y 
K-b^ h(*JC 1 SAN 3 5F*3tZ1 OO^ijt^nTi^/Uo 

01 5 a Z&m?%t, T>9-j-3 1 #»$SfBStl> R FtfA3 2i:^oT 
«H $ tl £ff#li X7 £ - y x - ^B&#^ba K«o T G S M 1? £> 


1 1 — 5 1 0 6 6 8 

t»u:ra-w2^coaaii^«t»*4 2^<on^-v3>(cMa<!(cait. * 

£tC200«3fc«a£affUTt>«fcL*o <ICDJ:9C, 2O05g5M8a*i t *:U : (* 
<m3ro*«E0^IB> 

5 0 ^WHJS^^STli. &iSmStCB&^b^T^n5.I<ttC<*:oT-t?^a. l >l7 i 

Htttc, G SM->^7 1 ATii3g]£0«3i(OXT< >5f - 7 x -X^%mm? * 

ftoT. C<DSIJfiOff$flsT*U. SIM35(* (G S M y^fAt'^^ tl* A 
5 7^J'JXA?ftiit« f ffi^) »^»B67 7 ;UJ l JXAtKttUTtiU. ^ 
o^- 5f 1 5 li#J&T *H&^bT =T U XI* * HfTT 5 «t 5 $ tl 

IH1 3a€#i?t§tv C<7)lt»<0^ISlTU«1 £7)S?fiSCOJT^(7)(U 1 0 ccor 
Pt^ti^fvT'l 2 0 8 £ 1 2 1 OCOPltC^^y ~f 1 2 0 9 fc^-to* <fc 9 (Cfc 

12] 1 3b£#8a-$-3fc. 3<7)HJfiCD^T'lj@-Se^*gT'S I Mrn-b-y^ 3 5 
a li^f7^1 3 0 4 £ 1 3 0 6 tOfflT'JI/lD£0^x7 7 , 1 3 0 5 SH^f^o 

^f 7 ^i 3 0 57, &mztLtc®#mttm*k<bmzzmT2>m^s&3imm*m 

Tiz + iy^-o^ECiSSSo e&^t ^ O»5lc«<oaft*«a t * Qffi L T * d 

* 5 ) s 2 B&-EM¥tt7 7 A' ^ y x a t affl r * «t 9 c«« $ n a 2 b/e&# 

Aliff&3 7 4 t ^a«T5o Btf)SK?ntb'7 h'J-Att^^lTO-T 
773 OdffttS* tl^o 

HttCLT, □-77^ 3 0 3^&(0#gt'7 h y-AliiSC0ie^T2oC> 
B&#<b/K^«i«©3 7 2 , 3 7 4 £S&38T£ 0 ii^JSCtJ/cft, 
5 aTtiiirdSUT&^c 

s i m 3 srticu^ss^^aKisiattrs^to^^saisttuv 
^^35 2^EB$nTi^ 0 asic«aieitU'v^^ 352 iias^»Kt$^ 
«att«©3 5 4 ca6*<t 9 c^a$ nr 43 y, ^rosttwaoGSMminc 

K«$tl. GSMy7rAT ; ^ftlT^5A37J^'J7 , Ai;^oT, 
€BttT*/t»U:fflt^&ti5 "WMtfWS" ft (SRES) €tt!TTSJ:9C 
«l£StlT^$a fCSf+ltSS 5 4 t±* - KKI»y«3 3 t^LTRFtf'A3 

2*»e»ai*$ti*Ba^bsti«cv^e-y hu-A#e>aa (randi) ss 

3s^<aa- uyx^3 5 2u«3ic«aKi«aia^cis3 5 6(cs*<t9ic 
t)*sal?tiT43y, lostaft (rand d tstt-Ux *o.ti*»-&±i3(o 

G S Mm^»3§twIBtt? tl, G SMv^f AT'ili £ tif^-5 A 8 T^rf 'J 
(CSfeo T 17 ^ - 7 x - *B»<ba Kc t ItJTT S J: 9 (C«fiJt * tl T 

d<7)«t9iiuTi+»$ti^a«^- KttSRy»3 3 i^ura*«7*pt7t3 

7<oai O (I7-f>^-7i-7) BB^t/IIS#«tt® 3 7 2 CJS6*l*, 

^«ga- l-->'*$ 3 5 2 utt^aa«a2a^i9!3 5 *iz&z±oizbm 

a$tiT43y. C<7)^li36^«7'a-tz'ytl'3 7 O (!7M>£-7x-* 

) B&^b/»*»Hlft3 7 2««tt* tifctt^^S- Kttiay«3 3 ZftL 

r) gftr«j:9»ctea*n>i:ai8*«aKita»aKpb*ftiffli,T (±tecog 

i (7) «t 9 (C U TSt* $ tl ^5»^*a(BK^batJ2S5fe«8y P t7t37(0!2O 
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01 5 b£#8g-t£i, ^x-^^Rii, ca>3&»Off$!®Tli*ft-rft 

o&mm&tzi&ftiknmftT'mjtui 2 8 try h<o/WT-';a (randd $ 
as 4 isis&ss 4 #*><»Mn®mtn& (randd t ssmu *o 
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